Runtime control policies

A runtime control policy determines the actions that are taken by the solution when monitoring and controlling runtime operations of containers in accordance with the security policies. Kaspersky Container Security maintains control based on security threats detected in an image, the severity level of these threats, and the availability of digital signatures.

Containers in the runtime may run from verified images or from images that are still unknown to the solution.

On the Policies tab, under Policies → Runtime, a table displays a list of configured runtime control policies.

You can use the list to do the following:

• Add new policies. Click the Add policy button located above the table to open the policy settings window.
• Change policy settings. You can open the editing window by clicking the policy name link.
• Enable and disable policies. Policies are disabled and enabled by using the Disable / Enable toggle button in the Status column of the table containing the list of created policies.

  If you disable a policy, Kaspersky Container Security will not perform the actions specified in that policy.

• Search for policies. To find a policy, use the search field above the list of response policies to specify the policy name or part of it.
• Delete policies.

To work optimally, a runtime policy must be supplemented by runtime container profiles, which define the rules and restrictions for running containers in the runtime environment.