ARMO Monthly Product Roundup – November 2025

Nov 3, 2025

Yossi Ben Naim
VP of Product Management

Hi there,
We’ve just dropped a fresh batch of updates to help you cut through the noise, stay in control, and secure your cloud-native environments with more precision. Here’s what’s new in the ARMO Platform this month:

Connect Your Entire AWS Organization in One Step

Now you can integrate your entire AWS Organization, not just individual accounts.
Why it matters: Get full visibility across all accounts in your org without repetitive setup. It’s a faster, easier way to scale security coverage across AWS.

Noise suppression through precise runtime scoping

Not every incident is a threat. Our new Risk Acceptance feature lets you suppress alerts triggered by benign processes, known tools, or expected behaviors, without losing visibility.
You can define suppression rules by scope (workload, namespace, cluster) and by entity (processes, files, DNS, HTTP, cloud API calls), using precise, multi-condition matching.
Why it matters: Cut alert fatigue, stay focused on real threats, and keep your dashboards clean without compromising security.

Find Runtime Incidents Faster with Full-Text Search

Quickly zero in on what matters. Our new search lets you filter incidents by tags, attributes, or free text right from the incident dashboard.
Why it matters: Investigate faster, audit smarter, and save time during incident response.

Group Runtime Incidents by Threat, Namespace, or Workload

Now you can easily organize your incidents. Incidents are automatically grouped by Threat, Account, Host, Cluster, Namespace, or Workload, and you can switch to an Ungrouped (flat list) view anytime for complete control.

Why it matters: Quickly spot patterns, pinpoint problem areas, and take batch actions, making triage and investigation faster and more efficient.

Scanning for EC2 Vulnerabilities

The ARMO Platform now enables continuous detection and monitoring of host-level vulnerabilities across your AWS cloud infrastructure. You can scan in both agentless and agent-based modes for full flexibility.
Agentless EC2 Scanning: Identify vulnerabilities in your AWS environment without installing the ARMO Agent. This provides a quick, low-touch way to assess risks while maintaining strong data privacy.
Why it matters: Gain continuous visibility into host security risks on AWS instances, strengthen your infrastructure posture, and reduce manual effort.

🚀 Try these new features in your ARMO account today, or schedule a live demo to see them in action.
Questions or feedback? Just hit reply, we’d love to hear from you.

Until next month,
— The ARMO Team