What is Luntry?

Luntry is a solution that helps improve the observability of what is happening in cloud-native applications managed by the Kubernetes framework.

The information Luntry gives you helps you ensure your services’ reliable and smooth functioning and manage their security without slowing down the production cycle.

Who is Luntry for?

Luntry provides developers, QA, security and Ops teams with a complete picture of services and infrastructure and helps them understand each other and communicate efficiently.

What makes Luntry different from other solutions?

The key feature of Luntry is the real-time observation of the Kubernetes infrastructure’s behavior: you can see all current changes, track interactions inside the system, and detect anomalous behavior of services. It also shows you the difference between Dev, Test, Stage, and Prod environments.

How does Luntry licensing work?

Our licensing policy is based on the number of nodes a client has.

What are the technological benefits of Luntry?

Thanks to eBPF, the platform can collect system calls from the nodes quickly and without intrusion and use them for training and generating container behavior models. The applications themselves do not have to be modified.

How does it work?

Luntry is a set of containers delivered as Kubernetes resources. The solution is a system of sensors (DaemonSet) collecting information from nodes and sending it to the back-end.

Is a sensor a separate agent, a sidecar, or part of a container?

A sensor is a separate agent that in no way intervenes with the functioning of applications.

Could a sensor cause damage?

A sensor cannot harm the system. eBPF allows Luntry to collect system calls quickly and without intrusion and use them for training and generating container behavior models.

How long does it take to install Luntry?

Luntry is a set of Kubernetes resources, which can be installed in 5-7 minutes.

What data leave the client's perimeter?

The solution is entirely on-premise, so no data leaves your company’s perimeter.

How are behavior models generated?

Behavior models are generated based on the system calls inside containers received from the sensors. Machine learning algorithms present behavior as a graph. Then, this information is correlated with the content of container images, the content of Kubernetes resources, and high-level events.

How often a behavior model has to be retrained?

Retraining is only required if you want to generate a new behavior model for an updated service automatically. Otherwise, you can fine-tune an existing model and correct it as necessary.

What's the difference between anomalies and incidents?

An anomaly is a discrepancy between the expected and the observed. Such events make us look for development errors or an attacker trying to break into a container.

An incident is an anomaly that the operator recognized as a disruption in behavior.

What changes does Luntry track?

Luntry tracks the following information and related changes:


  • high-level Kubernetes events;
  • content of container images;
  • features of processes inside containers;
  • interactions between processes and the file system and network subsystem.

As a result, you get behavior models and a snapshot of the system’s current state, which provide a common framework for developers, QA, security, and ops teams.

Does Luntry depend on the volume of incoming traffic?

Luntry does not depend on incoming traffic and does not monitor or analyze network traffic. Its performance is affected only by the number of system calls.

Is any specific knowledge required to work with Luntry?

No, you can work with the platform without special qualifications. It is created to facilitate your team’s work inside the Kubernetes infrastructure.

How to request a webinar or a demo?

You can request a demo by filling out the form below.

Questions? Write to us!

    *By submitting, I agree on Privacy Policy