About Intezer Protect – Intezer Docs

Intezer Protect is a Cloud Workload Protection Platform (CWPP) that defends your cloud infrastructure against unauthorized and malicious code. Intezer aims to protect all types of cloud compute resources, VMs, containers, Kubernetes, CaaS, and FaaS, under one roof, without the need to configure any policies or rules.

Intezer enables you to verify that you're running 100% trusted code at all times by revealing the “genetic” origins of all running processes and applications.

Intezer Protect offers five main capabilities:

Visibility
Threat Detection
Response
Reducing the Attack Surface
Born in the Cloud

Features and Benefits

Visibility

Monitor and log any running application or code.
Visual dashboard showing high-level security status of all compute resources.

Threat Detection

Detect malicious code or malware in runtime, including in-memory threats.
Detect unrecognized or unauthorized code.
Detect exploitation of known and unknown vulnerabilities.
Detect suspicious shell commands and Living off the Land (LotL) attacks.

Response

Quickly terminate any unauthorized code without harming production.
Contextual alerts, including the origin of code and malware family.
Root Cause Analysis for incidents; identify the point of compromise to fix the original vulnerability quickly.
Seamlessly integrate with tools such as SIEM, SOAR, and even Slack.

Reduce Attack Surface

Identify and disable unwanted or risky applications.
Identify vulnerabilities in runtime.
Identify misconfigurations.
Align with security benchmarks (CIS, NIST)

Born in the Cloud

Holistic security for all types of compute resources: VMs, containers, Kubernetes, CaaS, and FaaS.
Integrated threat intelligence specializing in Linux threats.
Integrate with your favorite DevOps tools, including Chef, Puppet, Ansible, and more.
Identify and disable unwanted or risky applications.
Identify vulnerabilities in runtime.
Identify misconfigurations.
Align with security benchmarks (CIS, NIST).