Scan Kubernetes clusters, YAML files and HELM charts at early stages of the CI/CD pipeline;
Integrated seamlessly with common DevOps tools such as Jenkins, CircleCI, Github actions, Gitlab etc.;
Kubernetes Security
{Built for DevOps}
The Open Source Kubernetes Security Platform - from development to production, configuration to runtime
+50,000
Downloads
+20,000
Users
“This is pure gold!!! Kubescape helps admins manage Kubernetes securely”
Start now.
Join tens of thousands of happy users
Kubernetes configuration scanning()
Detection of misconfigurations and configurations drifts;
Scanning of IaC (YAML, Helm), Code repositories, K8s clusters, worker nodes, and API servers ;
Multiple industry frameworks (NSA, MITRE, etc.) available, create your own customized compliance frameworks;
Get instant K8s risk score, see history of past scans and learn risk trends overtime;
See where the K8s resource has failed and what was the cause and get recommendations on how to fix it;
Detection of misconfigurations and configurations drifts;
Scanning of IaC (YAML, Helm), Code repositories, K8s clusters, worker nodes, and API servers ;
Multiple industry frameworks (NSA, MITRE, etc.) available, create your own customized compliance frameworks;
Get instant K8s risk score, see history of past scans and learn risk trends overtime;
See where the K8s resource has failed and what was the cause and get recommendations on how to fix it;
Kubernetes & containers vulnerabilities scanning()
Continuously scan containers’ registries and images for vulnerabilities;
Easily see, sort, and filter which vulnerability to patch first;
Identify new vulnerabilities that impact K8s attack surface;
Continuously scan containers’ registries and images for vulnerabilities;
Easily see, sort, and filter which vulnerability to patch first;
Identify new vulnerabilities that impact K8s attack surface;
Kubernetes RBAC made easy()
Easy-to-use and easy-to-understand, visual RBAC configuration graph;
Built-in queries of things you need to be aware of in your RBAC configuration;
Customized RBAC investigation tool;
Easy-to-use and easy-to-understand, visual RBAC configuration graph;
Built-in queries of things you need to be aware of in your RBAC configuration;
Customized RBAC investigation tool;
Run within your CI/CD()
Simple integration to your favorite pipeline tools including Jenkins, CircleCI, Gitlab, Github workflows, Prometheus, Lens, Slack, and more;
Easy to use CLI interface and flexible output formats;
API Based with read-only Privileges;
Simple integration to your favorite pipeline tools including Jenkins, CircleCI, Gitlab, Github workflows, Prometheus, Lens, Slack, and more;
Easy to use CLI interface and flexible output formats;
API Based with read-only Privileges;
Kubescape overview
Join our community_
ARMO’s Kubernetes Security Solutions from Dev To Production
Configuration
Check early
in the CI/CD.
Deployment
Continuous
Kubernetes Posture Control
Production
Runtime
Zero-trust
Configuration
Deployment
Production
Check early
in the CI/CD.
Open Source.
Free Forever.
Continuous
Kubernetes Posture Control
Continuous monitoring of clusters’ posture;
Container software vulnerability scanning and remediation;
RBAC visualization and validation;
Runtime
Zero-trust
Deep runtime observability
In-memory process protection
Secret protection
Zero Trust network protection
Service Mesh interoperability
Trusted by
15,394
[Users]
From
109
[companies]
Gil Gershonovich
R&D Group Lead
at Optimove
Walter Lee
Senior Software Engineer
at Wells Fargo
Sagi Kruvi
Devops Team Lead
at Cognyte
Alan Clucas
Multi-talented Software Engineer with Ops and Devops experience and even some soft skills
at World Programming
Erez Kirson
senior solution architect
at Redhat
Lars Larsson
PhD, Senior Cloud Architect, and DevOps Expert Engineer
at Elastisys
Tom Bosworth
Security Engineer
at 9Spokes
Tim Collins
Senior DevOps Engineer
at Sendible
“This is pure gold!!! NSA and CISA K8s hardening guidelines using OPA (Open Policy Agent). Kubescape helps admins manage Kubernetes securely”
“Kubescape is an excellent tool for testing Kubernetes clusters for compliance rules that have been recently published in Kubernetes Hardening Guidance by NSA and CISA. I’m adding it to my list of the tools that help to keep my clusters secure.”
Tomasz Cholewa, Head of Cloud Infrastructure
DevSkiller | Cloud Native Strategist | DevOps Practitioner
“You can also run Kubescape against Kubernetes manifests which is a great way to stop violations before the resources are deployed to a Kubernetes cluster”
“ARMO provides us with a solution that is agnostic to the underlying infrastructure and protects the application from within, regardless of how untrusted or hostile the environment is.”
“Making native Kubernetes mechanisms like K8s Secrets available in a secure way to every developer helps us maintain compliance without development overhead.”
