GitLab makes it straightforward to protect applications deployed in connected Kubernetes clusters. These protections are available in the Kubernetes network layer and in the container itself. At the network layer, the Container Network Security capabilities in GitLab provide basic firewall functionality by leveraging Cilium NetworkPolicies to filter traffic going in and out of the cluster and traffic between pods inside the cluster. Inside the container, Container Host Security provides Intrusion Detection and Prevention capabilities that can monitor and block activity inside the containers themselves.
The following capabilities are available to protect deployed applications in Kubernetes: