search logo search cross
Schedule a demo

Struggling to find cloud security expertise?

Our dashboards correlate events across the multi cloud and on-premise, Reduce resolution time time by 95%

Start Risk Assessment

Webinar

AI-LLM-webinar-card
1/4

eBook

ebook

Get eBook worth $199 for Free

DOWNLOAD NOW
2/4

Blog

mssp

Why AccuKnox is the most MSSP Ready CNAPP?

LEARN MORE
3/4

Comparison

Comparison

Searching for Alternative CNAPP?

COMPARE NOW
4/4

VM Onboarding And Security

Welcome to this in-depth demo on how to onboard and secure virtual machines (VMs) using the AccuKnox SaaS Platform. In this video, we walk through the full lifecycle of onboarding a VM, connecting worker nodes, and enforcing runtime policies to secure both the host VM and the containers running inside it. Whether you’re a DevSecOps engineer, cloud security architect, or platform operator, this demo offers practical insights into deploying AccuKnox agents and implementing fine-grained security controls in your cloud environment.

We begin by demonstrating how to onboard a new VM in the AccuKnox platform. First, we navigate through the UI to the “Manage Clusters” section and initiate the VM onboarding process. Users are guided through naming the cluster, and then presented with a clear three-step process for onboarding.

Before diving into the onboarding steps, we explain the prerequisites necessary for a successful deployment. These include installing Docker and Docker Compose on both the control plane VM and the worker VM. Additionally, support for BPF LSM (Berkeley Packet Filter Linux Security Module) is required. Resource recommendations are also provided: the control plane VM should have at least 2 CPUs, 4GB of RAM, and 64GB of disk space, while the worker VM needs 2 CPUs and 2GB of RAM.

In step one, we install the noxctl binary on both the control plane and worker VMs. This tool is essential for managing AccuKnox agents. After installation, we move to step two, where we onboard the control plane VM using the noxctl onboard-vm-cp-node command. This installs several key AccuKnox agents as Docker containers—such as VService (for filesystem data collection), SHInformer (for system authentication), and the Policy Enforcement agent.

Once the control plane is set up, we proceed to the third step—connecting the worker VM to the control plane using the noxctl onboard-vm-node command along with the control plane’s IP address. This establishes a secure link between the two VMs, allowing for centralized management and policy enforcement. After successful onboarding, we verify that both VMs are visible under the Cloud Workload section of the UI, confirming that they’ve been connected properly.

With onboarding complete, the video shifts focus to security policy enforcement. We demonstrate how to apply a host-level policy designed to block the execution of package management commands like apt and apt-get. After applying the policy to the VM, we test it by attempting to run these commands. As expected, both commands are blocked, and alerts are generated in real time within the AccuKnox UI, showcasing the platform’s capability for immediate response and detailed logging.

Next, we explore container-level security by spinning up an Ubuntu container inside the onboarded VM. Once the container is running, we apply a file integrity monitoring policy that enforces read-only access to critical directories such as /usr/sbin and /usr/lib. We test the policy by attempting to create and delete files within these directories. As designed, all unauthorized actions are blocked, and corresponding alerts are logged, highlighting the effectiveness of AccuKnox’s runtime protection.

Finally, we deactivate the policies and demonstrate that commands and file operations that were previously restricted now execute successfully, proving that the enforcement mechanisms are working as intended.

This video provides a comprehensive, hands-on demonstration of AccuKnox’s powerful VM and container security capabilities—from onboarding to policy enforcement. It offers actionable guidance on deploying a zero-trust security posture in your cloud-native workloads.

🔒 Key Features Covered:

  • VM Onboarding Workflow
  • Agent Deployment via noxctl
  • Host and Container Policy Enforcement
  • Real-Time Threat Detection and Alerting
  • File Integrity Monitoring
  • Command Execution Control

Thank you for watching! If you found this demo helpful, do connect with us for more information and help on securing your cloud infrastructure with AccuKnox.

💻 Learn more about AccuKnox
Contact: https://accuknox.com/contact-us
❓Get help with queries
Slack: https://kubearmor.slack.com/
💬 Follow AccuKnox on social media
LinkedIn: https://www.linkedin.com/company/accuknox/
X: https://x.com/Accuknox
✅ Subscribe to Accuknox’s YouTube channel https://www.youtube.com/channel/UCLqK