Cloud-native container hardening for Kubernetes — from syscall to protocol, from workload to AI Agent.

Core Features

Multiple enforcers, flexible policies, ready for production

Cloud-Native

Follows the Kubernetes Operator design pattern: users harden specific workloads by creating and updating CRD objects (VarmorPolicy and VarmorClusterPolicy), and the controller reconciles the corresponding profiles onto the Nodes.

Multiple Enforcers

Provides AppArmor, BPF, Seccomp, and NetworkProxy enforcers that can be used individually or combined to control file access, process execution, network egress, and syscalls.

Network Proxy

Transparently intercepts container egress traffic via an Envoy sidecar, enabling L4/L7/TLS SNI access control with audit logging and dynamic policy updates — no Pod restart required.

AI Agent Protection

Defense-in-depth for AI Agent workloads — enforce access control from syscalls to network protocols, mitigating prompt injection-induced tool abuse and data exfiltration.

Allow-by-Default

Only explicitly declared behaviors are blocked and everything else is allowed, which keeps the runtime overhead low and makes policies easy to adopt on existing workloads.

Deny-by-Default

Enforces an allowlist policy where only explicitly permitted behaviors are allowed, providing the strongest security posture for sensitive workloads.

Built-in Rules

Features a range of built-in rules ready to use out of the box, eliminating the need for expertise in security profile creation.

Behavior Modeling

Supports behavior modeling of workloads: observed file, process, network and syscall activity is recorded to derive an allowlist profile, which guides the configuration toward least privilege before enforcement is switched on.

Architecture

How vArmor protects your workloads

vArmor primarily consists of two components: the Manager and the Agent. The Manager is responsible for responding to and managing policy objects, while the Agent handles the management of enforcers and profiles on Nodes.

vArmor also supports the NetworkProxy enforcer, which injects an Envoy sidecar proxy and an init container into target Pods via a mutating admission webhook. The init container sets up iptables rules that redirect the Pod's egress traffic to the Envoy sidecar, which then enforces the L4/L7 access control policies generated by the Manager and delivered through a ConfigMap.

With VarmorPolicy or VarmorClusterPolicy objects, users can harden specific workloads and decide which enforcers and rules to use. The ArmorProfile CR acts as an internal interface used for profile management.

Quick Start

Get up and running in minutes

1. Fetch chart

helm pull oci://elkeid-ap-southeast-1.cr.volces.com/varmor/varmor --version 0.10.0

2. Install

helm install varmor varmor-0.10.0.tgz --namespace varmor --create-namespace --set image.registry="elkeid-ap-southeast-1.cr.volces.com"

3. Apply Policy

Create a VarmorPolicy to protect your workloads — supports AppArmor/BPF/Seccomp rules and NetworkProxy egress control
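A concrete policy for step 3, added here as an illustration rather than taken from the project's own documentation. It targets a hypothetical `demo` Deployment in a `demo` namespace with the combined AppArmor and BPF enforcers in the allow-by-default EnhanceProtect mode, and switches on several of the built-in rules advertised under Core Features. The field names and rule identifiers follow the crd.varmor.org/v1beta1 API as I know it; confirm them against the full guide for the chart version you installed, since rule names and modes change between releases.

```yaml
# Added example, not from the vArmor docs. Assumes a namespace "demo" and a
# Deployment labelled app=demo already exist; adjust both to your workload.
apiVersion: crd.varmor.org/v1beta1
kind: VarmorPolicy
metadata:
  name: demo-policy
  namespace: demo
spec:
  target:
    kind: Deployment                 # StatefulSet, DaemonSet and Pod are also accepted
    selector:
      matchLabels:
        app: demo
  policy:
    # Combine the AppArmor and BPF enforcers; AppArmorBPFSeccomp adds Seccomp too.
    enforcer: AppArmorBPF
    # EnhanceProtect is the allow-by-default mode: only the rules below are blocked.
    # BehaviorModeling followed by DefenseInDepth is the deny-by-default (allowlist) path.
    mode: EnhanceProtect
    enhanceProtect:
      # Built-in rule names are assumed from the v1beta1 rule catalogue.
      hardeningRules:
        - disable-cap-privileged     # drop the capabilities a privileged container would hold
        - disallow-mount             # new mounts are a classic escape primitive
      attackProtectionRules:
        - rules:
            - mitigate-sa-leak       # block reads of the projected ServiceAccount token
            - disallow-metadata-service   # no egress to the cloud metadata endpoint (BPF)
            - disable-write-etc      # keep /etc immutable at runtime
        - rules:                     # scoped rules: only apply to the listed executables
            - disable-curl
            - disable-wget
          targets:
            - /bin/sh
            - /bin/bash
      vulMitigationRules:
        - cgroups-lxcfs-escape-mitigation
        - runc-override-mitigation
```

Apply it with `kubectl apply -f` and inspect the object with `kubectl get varmorpolicy -n demo -o yaml`; the status section reports whether the profile was accepted and loaded by the Agents. Two caveats a first-time user runs into: the AppArmor enforcer needs AppArmor enabled on the Node kernel and container runtime, and Pods that were already running when the policy was created may not pick up the profile until they are recreated, so check the guide for your release before assuming an existing workload is protected.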

View Full Guide

Community

Join the vArmor community

Open Source

vArmor was created by the Elkeid Team of the endpoint security department at ByteDance. The project is licensed under Apache 2.0 and is in active development.

Star on GitHub

Contribute

We welcome contributions from the community! Whether it's reporting bugs, improving documentation, or adding new features, your help is appreciated.

Contribution Guide