ARMO Updates Kubescape
October 13, 2021

ARMO announced the release of a new, expanded version of its Kubescape tool.

Kubescape is the world’s first open-source testing tool for Kubernetes environments that is compliant with the standards set forth in the Kubernetes Hardening Guidance released by the NSA and CISA.

Kubescape is one of the fastest-growing Kubernetes security tools among developers due to its easy-to-use CLI interface and flexible output formats. Just weeks after launching, Kubescape has become an immensely popular tool in the Kubernetes community, with more than 4000 stars and tens of thousands of downloads on Github, and thousands of active developers embracing the solution. Kubescape scans K8s clusters, YAML files, and HELM charts, providing hyper accurate results and enabling the detection of misconfigurations and software vulnerabilities at early stages of the CI/CD pipeline. It also integrates natively with other DevOps tools, including Jenkins, CircleCI and Github workflows.

The expanded version of Kubescape has been updated with new Kubernetes configuration scanning, based on the MITRE ATT&CK® framework. Kubescape is an open- source Kubernetes product to leverage the MITRE framework for testing. Teams can test Kubernetes against multiple frameworks in one single tool.

The new registration-based SaaS Kubescape solution, which is free to use, offers additional benefits including:

- User-friendly UI for streamlined scans and test management, providing teams the ability to choose which framework to use according to their organization’s structure and specific vulnerabilities.

- An instantly calculated risk score based on the current scan, giving stakeholders the ability to make quick, smart decisions based on their organization’s real-time standing.

- Easy access to a history of past scans for quick review of total risk scores trends from one scan to the next. Stakeholders can track their organization’s progress with hyper-accuracy, determine whether their risk has changed for better or worse over time, and manage configuration drifts.

- Exceptions management, allowing Kubernetes admins to mark acceptable risk levels within specific resources and select which tests to perform in order to avoid alert fatigue. Users no longer have to contend with multiple alerts on failed tests which internal stakeholders have determined to be of low priority to the organization.

- Build and create customized compliance frameworks, empowering stakeholders with the ability to test according to their organization’s unique requirements. Users can test organization’s Kubernetes environments using their custom framework, ensuring that all workloads deployed within an organization's networks are compliant with the same standard.

“Developers look at security as a design and architectural problem that needs to be managed from the earliest stages of the development pipeline. Kubescape’s seamless integration with Kubernetes’ tech stack and practical, simple output make it a high-value, go-to solution that’s extremely appealing to developers,” said Shauli Rozen, CEO and Co-Founder of ARMO. “... Kubescape is resonating with developers all over the globe, and our vision is to build on that momentum to continue solidifying Kubescape as the tool of choice for Kubernetes users, as an integral part of their daily routines and organization-wide security strategies.”

“Kubescape detects highly dangerous security weaknesses before they reach production, and our updated version provides an even deeper level of visibility and protection for Kubernetes users,” said Leonid Sandler, CTO and Co-Founder of Armo. “With the new expanded version of Kubescape, they can continuously examine their security controls and deployments to ensure the highest level of protection possible for their companies...”

Share this

Industry News

October 21, 2021

Splunk announced the latest enhancements to the Splunk observability portfolio including advanced product innovations for Splunk Application Performance Monitoring (APM), Splunk Real User Monitoring (RUM), Splunk Synthetic Monitoring, Splunk Log Observer, Splunk Infrastructure Monitoring and Splunk IT Service Intelligence.

October 21, 2021

Platform9 announced a number of new enterprise features that greatly eliminate operational complexities in managing multi-cluster and multicloud Kubernetes deployments, available in the new release, Platform9 5.4 Release.

October 21, 2021

Graylog is announcing Graylog Security.

Designed to overcome legacy Security Information & Event Management (SIEM) challenges, Graylog’s scalable, flexible cybersecurity platform makes security analysts’ jobs easier and faster. With SIEM, Anomaly Detection, and User Entity Behavior Analytics (UEBA) capabilities, Graylog’s security solution will provide security teams with even greater confidence, productivity, and expertise to mitigate risks caused by Insider Threats, credential-based attacks, and other cyber threats.

October 21, 2021

Prodly announced a Series A investment of $10 million led by Leta Capital.

October 20, 2021

SonarSource added over 5,000 customers in the last 12 months, reaching the 15,000 commercial customers milestone in record time.

October 20, 2021

Actian announced the general availability of its newly released DataConnect 12 integration platform, demonstrating a continued focus on ease of use for complex data integration and data quality.

October 20, 2021

Salt Security announced new capabilities in its next-generation Salt Security API Protection Platform to secure GraphQL APIs.

October 20, 2021

vFunction announces the availability of the vFunction Application Transformation Engine and the expanded vFunction Modernization Platform, with new, advanced capabilities that enable enterprises to automatically assess, analyze, and manage the full modernization and migration process from start to finish.

October 20, 2021

Mage raised a $6.3 million seed round led by Gradient Ventures.

October 19, 2021

Couchbase announced its Couchbase Capella hosted Database-as-a-Service (DBaaS) offering on Amazon Web Services (AWS).

October 19, 2021

Checkmarx announced the launch of the Checkmarx Application Security Platform to help CISOs, AppSec teams, and developers address the growing and dynamic security challenges they face.

October 19, 2021

Tasktop announced Affinity Modeling for model-based integration in Tasktop Hub, helping Agile and DevOps software delivery teams reduce time to market and develop software faster.

October 19, 2021

Morpheus Data is continuing released version 5.3.3 targeted at enterprises trying to manage a complex mix of VMware, Kubernetes, and Public Cloud services.

October 19, 2021

Okta announced the availability of Okta Workflows as a standalone offering for all customers.

October 18, 2021

Red Hat announced a series of updates in its portfolio of developer tools and programs aimed at delivering greater productivity, security and scale for developers building applications on Red Hat OpenShift.