Run Podman containers instead of Docker for RHEL v8.
Podman is a daemonless container engine for developing, managing, and running OCI Containers on Linux systems. Containers can either be run as root or in rootless mode.
If you use the Shell installer to install an engine, Cortex XDR automatically detects the container management type based on the operating system. For example, if your operating system is running RHEL v8 and higher, Cortex XDR installs Podman packages and configures the operating system to enable Podman in rootless mode.
Note
When upgrading an engine, the engine keeps the previously used container management type (regardless of distribution version).
If using PowerShell integrations, you may need to configure the default SELinux policy as Podman can affect processes that mmap to /dev/zero.
Docker hardening guidelines can be applied to Podman, except Limit Available Memory, Limit Available CPU, and Limit PIDS.