Container Security Tools — Storage, Runtime and Environment

What tools are people using for container security to secure container storage, runtime and environment? We have limited on-premises infrastructure these days and use mainly AWS, Azure and GCP. We currently use Wiz; this is currently agentless and can scan both container storage and container environment (e.g. AWS Fargate) and will soon have an agent that can scan a container’s runtime. We are looking at CrowdStrike and SentinelOne for general endpoint protection and EDR, and these also have the facility to scan containers. Does anyone have any recommendations or information based on comparisons?

You could also have a look at Orca. I have not deployed or evaluated it in any detail, but a recent demo covered most topics you mentioned.

We went with SentinelOne. It's been a great experience to date compared to the other XDR solutions we trialled, which made it a very simple choice.