Guard Service

guard-service is the Guard backend service which is used for:

  1. Learning per-service micro-rules from piles of profiles sent by guard-gate
  2. Constructing and storing per-service Guardians
  3. Caching Guardians and servicing guard-gate requests for Guardians
  4. Aggregating alerts
  5. Restarting compromised pods

Guardians are based on the guard.security.knative.dev package.

To access Guardians, guard-service uses the guard-kubemgr package.

See Guard Architecture to learn how Guard processes security data and learns from it internally.

Security

Always review the set of micro-rules produced by guard-service before moving to a production environment. If you decide to use guard-service in a production environment, it is safer to use manual micro-rules and treat the micro-rules produced by guard-service as a recommendation for human review.