Kubernetes Security Made Simple
{Built for Developers}

An Open-source Kubernetes security single-pane-of-glass for risk analysis, security compliance, misconfiguration scanning, RBAC and image vulnerabilities scanning.

+80K
Downloads

github star star star star star

+50K
Users

Devops first experience

  • Simple, Easy-to-use CLI interface
  • Flexible output formats - JSON, JUNIT, Prometheus exporter
  • Supports open-API framework (Swagger)

Secure your SDLC and CICD pipeline- from configuration to deployment

  • Set security gates and prevent security issues from reaching production
  • Plays nicely with any other DevOps tools, including Jenkins, CircleCI, Visual Studio, Github workflows, Prometheus, and Slack
  • Supports multi-cloud K8s deployments - EKS, GKE, AKS an Openshift

Get Value in less
than 3 min

  • Easy installation using Install script or downloading directly from GitHub
  • Flexible deployment methods - In-cluster component (using HELM repo) or API-based with read only privileges

Kubernetes configuration scanning()

  • Scan code repositories, manifest files (YAML, Helm), K8s clusters, worker nodes, and API servers;
  • Define and enforce Kubernetes security best practices against multiple frameworks as NSA-CISA, CIS, MITRE, K8s Best Practices, or create your own custom one
  • Identify and prevent configurations drifts continuously, from CI/CD to Production
  • Get instant K8s risk score, see history of past scans and learn risk trends overtime;

Kubernetes & containers vulnerabilities scanning()

  • Continuously scan images registries and containers’ images for vulnerabilities;
  • Easily identify, prioritize, and filter which vulnerability to patch first;
  • Continuous Kubernetes security tightening and attack surface reduction

Kubernetes RBAC made easy()

  • Visual RBAC configuration graph with Easy-to-use and easy-to-understand;
  • RBAC configuration built-in queries – What you need to be aware of;
  • Customized RBAC investigation tool;

Run within your CI/CD()

  • DevOps first experience 
  • Embed security into any stage of your SDLC – from configuration to production
  • Simple integration to your favorite pipeline tools including Jenkins, CircleCI, Gitlab, Github workflows, Prometheus, Lens, Slack, and more;
  • Supports multi-cloud K8s deployments like EKS, GKE, and AKS
  • Easy to use CLI interface and flexible output formats;
  • API Based with read-only Privileges;
Trusted by
50,000
[Users]
From
914
[companies]

Gil Gershonovich
R&D Group Lead

at Optimove

Walter Lee
Senior Software Engineer

at Googleat Wells Fargo

Sagi Kruvi
Devops Team Lead

at Googleat Cognyte

Alan Clucas
Multi-talented Software Engineer with Ops and Devops experience and even some soft skills

at World Programming

Erez Kirson
senior solution architect

at Redhat

Lars Larsson
PhD, Senior Cloud Architect, and DevOps Expert Engineer

at Elastisys

Tom Bosworth
Security Engineer

at 9Spokes

Tim Collins
Senior DevOps Engineer

at Sendible
star star star star star
ARMO provides us with a solution that is agnostic to the underlying infrastructure and protects the application from within, regardless of how untrusted or hostile the environment is.
M.K, Director of Cyber
Fortune 500 tech company
star star star star star
ARMO provides us with a solution that is agnostic to the underlying infrastructure and protects the application from within, regardless of how untrusted or hostile the environment is.
M.K, Director of Cyber
Fortune 500 tech company

Integrates well with your DevOps Tools.

github Visit Git
It’s Free  forever!