Hardening security on Kubernetes with KubeArmor
KubeArmor provides runtime protection on Kubernetes using policies. It uses eBPF and Linux Security Modules (LSM). It can restrict any malicious or unwanted behavior by cluster uses.
As you can see the Kubearmor is placed between the kernel and running pods. In this placement, it can filter out restricted actions.