“We install a little module in the Linux module that is running the containers,” Degioanni told The New Stack, “because with containers, the Linux kernel is sort of the hypervisor. We inject, when you deploy your container, a little module in the kernel, and this module is able to inspect any other containers from underneath — see any interaction, any file that is open or closed, any network connection, any application that is running, any process, and so on.”

curl -fsSL | sh

