monitoring, signature-based continuous scanning using Common Vulnerabilities and Exposures (CVEs), runtime behavior analysis, and container policy enforcement.The security stack in the security sidecar container hardening from DCAR containers are preserved and complies with the NIST 800-190 requirements [12]. 3. Runtime Defense, this can perform both signature-based and behavior-based detection. This can also be used Log Storage and Retrieval Service 2. Service Mesh 3. Program-specific artifact repository 4. Runtime Behavior Analysis Artificial Intelligence (AI) service 5. DCAR for the hardened containers 6