Runtime Protection and EDR for Containerized Workloads

Cloud-native containerized workloads need runtime security protection and EDR visibility just like any other compute. SentinelOne provides SecOps and DevSecOps these capabilities.

Kubernetes Sentinel agents are components of the SentinelOne Singularity platform and supplement pre-production CI/CD container scanning with real time protection for live, in-production containers. Runtime protection is vital to identify and stop previously unknown threats that pre-production scans miss. K8s Sentinels also remove a blind spot for the SOC by enabling EDR threat hunting visibility into container operations. The efficient one agent per node architecture supports self-managed Kubernetes and major cloud service providers including AWS EKS and Azure AKS.

Kubernetes Sentinel enforcement points are managed within the same multi-tenant console alongside other Sentinels for Windows, macOS, and Linux. Administration is flexible, distributed, and managed via role-based access controls that match your organization’s structure. Kubernetes Sentinels offer compatibility and ongoing support for popular Linux families without the risk of kernel module instability or container interference.

Kubernetes Sentinel features include


  • Support for all major Linux distributions
  • No kernel modules required.
  • Installation ease via Helm
  • One agent per node. Auto scales as workloads grow and shrink.
  • Fully customizable SaaS multi-tenant management and RBAC

Container Prevention

  • On-agent intelligence means no cloud delay protection
  • On-agent Static AI blocks & quarantines malware in real time in ELF, Windows and Mach-O binaries
  • On-agent Behavioral AI stops previously unknown fileless threats in real time
  • On demand disk scan

Container ActiveEDR

  • Storyline Threat Hunting
  • Storyline Active Response automation
  • 14 – 365+ days EDR data retention

The Kubernetes Sentinel for containerized workloads offers more real time prevention, detection, response, and visibility features than any other vendor. Please contact your local Exclusive Networks Account Manager to find out more or visit here SentinelOne’s website here.