What is Kubescape?

An open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters

Kubescape is one of the fastest-growing Kubernetes security and compliance open source projects. Targeted at the DevSecOps practitioner or platform engineer, it includes risk analysis, security compliance, and misconfiguration scanning. It offers an easy-to-use CLI interface, flexible output formats, and much more. Bottom line, Kubescape saves Kubernetes users and admins precious time, effort, and resources.

Kubescape was created by ARMO and is a Cloud Native Computing Foundation (CNCF) sandbox project.

+200K
Weekly scans
github stars
github icon
+7.5K Stars
stars
+80K
Users

Why DevOps love Kubescape?{ }

DevOps first experience

Security where you are at, with native integrations to your favorite IDEs like Lens & VS Code and CI/CDs like GitHub & GitLab.

Ease of use

Easy to use CLI and Kubernetes Operator with flexible output formats. Provides remediation advice for detected misconfigurations and configuration drift. Get from scanning to solution in minutes.

Effortless security expertise

Frictionless security. Guides you throughout the software development lifecycle with security guardrails and remediation advice while you go about your daily work.

Kubescape is a CNCF sandbox project

Key features

Key features

Key features

Secure your Helm charts from the first line of YAML you write in your IDE, with in-place scanning and remediation advice.

Support for multi-cloud

Support for multi-cloud

Enjoy frictionless security, regardless of your choice cloud provider(s) and selected Kubernetes distribution.

Kubernetes compliance

Kubernetes compliance

Base your compliance efforts on one or more, recognized frameworks. - NSA-CISA, MITRE ATT&CK, CIS Benchmark

Kubernetes hardening

Kubernetes hardening

Ensure you get ahead of misconfigurations and vulnerabilities and fix them fast. Manually trigger a scan, define recurring or event triggered scans.

CI/CD security

CI/CD security

Shift security left by automating security for DevOps workflows. Incorporate security gates across the software development lifecycle.

Interested in the enterprise platform powered by Kubescape?

Check out ARMO Platform: enterprise-grade Kubernetes and CI/CD security, powered by Kubescape.