Proactive Security profiles. Automated.
bifrost provides a central service that helps you automate security profiles for your containers. By hooking into your test environments to collect behavioral data at runtime, bifrost can provide tailor-made security and an up-to-date AppArmor profile at every deployment to production.
Research shows promise.
bifrost is the result of research into container security conducted at Lund University. Testing an early version of the bifrost engine shows much promise in minimizing the exploitable vulnerabilities in a given codebase. The experiment was built upon common open-source projects to construct a backend with a database and API endpoints to access the data. In the provided tech stack, 11 vulnerabilities were publicly exploitable, and together with a custom profile, 7 of them were successfully blocked.
Successfully blocked exploits using bifrost profile.
bifrost, automatic AppArmor profiles
Integrated into your environment
bifrost uses a lightweight listener (DaemonSet) installed in the test/staging cluster to collect behavioral audit events. These audit event logs have a small footprint, contain no actual information about what data has been processed, and do not contain any personal information. This data is streamed to the bifrost service, which keeps track of the continuous changes to the codebase in the test environment. When it is time to ship to production, bifrost provides an up-to-date and tailor-made AppArmor profile that is then deployed with the software.
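As an added illustration (not bifrost's code and not from the original page), the following Python shows how complain-mode AppArmor audit events collected in a test environment can be reduced to an allow-list profile. The log lines, the profile name demo-api and the choice of ix for executed files are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed complain-mode audit events for a hypothetical profile "demo-api".
SAMPLE_LOG = """\
type=AVC msg=audit(1700000000.101:51): apparmor="ALLOWED" operation="open" profile="demo-api" name="/app/config.yaml" pid=7 comm="python3" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
type=AVC msg=audit(1700000000.140:52): apparmor="ALLOWED" operation="open" profile="demo-api" name="/tmp/cache.db" pid=7 comm="python3" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
type=AVC msg=audit(1700000000.190:53): apparmor="ALLOWED" operation="mknod" profile="demo-api" name="/tmp/cache.db" pid=7 comm="python3" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
type=AVC msg=audit(1700000000.230:54): apparmor="ALLOWED" operation="create" profile="demo-api" pid=7 comm="python3" family="inet" sock_type="stream" protocol=6 requested_mask="create" denied_mask="create"
type=AVC msg=audit(1700000000.260:55): apparmor="ALLOWED" operation="capable" profile="demo-api" pid=7 comm="python3" capability=10 capname="net_bind_service"
type=AVC msg=audit(1700000000.300:56): apparmor="ALLOWED" operation="open" profile="other-svc" name="/etc/shadow" pid=9 comm="cat" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
"""

FIELD = re.compile(r'(\w+)=("([^"]*)"|\S+)')
# Audit mask letters -> profile permissions; create (c) and delete (d) need write.
MASK_TO_PERM = {"r": "r", "w": "w", "a": "a", "c": "w", "d": "w",
                "k": "k", "l": "l", "m": "m", "x": "ix"}  # "ix" is an assumed exec mode
PERM_ORDER = ["r", "w", "a", "k", "l", "m", "ix"]

def parse_event(line):
    """Return the key=value fields of one audit line as a dict."""
    return {k: (q if raw.startswith('"') else raw) for k, raw, q in FIELD.findall(line)}

def build_profile(log_text, profile):
    """Turn observed (ALLOWED) events for one profile into allow-list rules."""
    files, nets, caps = defaultdict(set), set(), set()
    for ev in map(parse_event, log_text.splitlines()):
        if ev.get("profile") != profile or ev.get("apparmor") != "ALLOWED":
            continue  # other services, or denials that need manual review
        if "capname" in ev:
            caps.add(ev["capname"])
        elif "family" in ev:
            nets.add(f'{ev["family"]} {ev.get("sock_type", "")}'.strip())
        elif "name" in ev:
            mask = ev.get("requested_mask", "")
            files[ev["name"]].update(MASK_TO_PERM[m] for m in mask if m in MASK_TO_PERM)
    rules = [f"  capability {c}," for c in sorted(caps)]
    rules += [f"  network {n}," for n in sorted(nets)]
    for path, perms in sorted(files.items()):
        if "w" in perms:
            perms = perms - {"a"}  # a rule may not carry both write and append
        if perms:
            rules.append(f"  {path} {''.join(p for p in PERM_ORDER if p in perms)},")
    return "profile %s {\n%s\n}\n" % (profile, "\n".join(rules))

if __name__ == "__main__":
    print(build_profile(SAMPLE_LOG, "demo-api"))
```

A profile derived this way allows only what the test run exercised, so code paths that the tests never reach would be denied once the profile is enforced.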
Better insights, fewer vulnerabilities
The bifrost DaemonSet can also be deployed into your production environment to capture production-specific behavior from your containers and notify you when unwanted behavior occurs.
These data points will provide better insights into how your services behave or misbehave, making it easier to track unwanted bugs and close vulnerabilities to keep your software safe.
AppArmor & Kubernetes
AppArmor is a popular Linux security module that provides an additional layer of protection for applications and processes running on a system and has been adapted successfully to protect containerized applications. It enforces security policies based on predefined profiles defining which system resources an application can access. These profiles are designed to restrict the application's privileges to only those necessary for its intended functionality, reducing the attack surface and mitigating the impact of potential security breaches.
You can read more about AppArmor at its official website, AppArmor.
AppArmor for Kubernetes nodes
In a Kubernetes cluster, AppArmor can protect the cluster's nodes by using profiles for each service running on the node. This prevents a compromised service from gaining unauthorized access to system resources, reducing the likelihood of a successful attack.
There are many benefits of using AppArmor to protect nodes in a Kubernetes cluster, such as:
It provides an additional layer of security that complements other security measures already in place, such as network security and access control.
It reduces the risk of security breaches by limiting a service's privileges to only those necessary for its intended functionality.
It makes it easier to detect and isolate compromised applications, which can help prevent the spread of an attack and minimize its impact.
Read more about how to use AppArmor in Kubernetes in the official documentation: Restrict a Container's Access to Resources with AppArmor | Kubernetes.
AppArmor and modern software development
Many drivers, including dev tools, help automate software delivery from development to production. This fosters quick and agile releases of new versions with new features, maintenance fixes, and upgrades.
Manually adapting AppArmor profiles to this moving target is hard and will often result in a cat-and-mouse chase that will limit the profile’s effectiveness.
Building on open-source frameworks and libraries is the foundation of modern software development. These dependencies are essential building blocks enabling developers to rapidly build powerful and flexible applications. However, the sheer number of dependencies that modern applications rely on makes maintenance and security challenging.
Writing AppArmor profiles that account for every dependency action is a complex endeavor that is hard to get right. Often, the profiles become just simple blacklists for what the service cannot do, allowing everything else.
Writing low-level AppArmor profiles is a complex task that requires a deep understanding of the system’s security model and the specific needs of the profiled service. The complexity arises from the need to understand the many different aspects of the system’s security architecture and how to properly configure the profile to ensure that it provides the necessary protections without impeding the service’s functionality. This process requires a high degree of technical knowledge and expertise, and even experienced platform engineers may face challenges in crafting a robust and effective AppArmor profile.