Kubescape is a Kubernetes security and compliance platform that scans Kubernetes clusters, manifests, code repositories, container registries, and images. Utilizing eBPF it sets up threat detection rules for alerting on potential malicious activities.
Kubescape is a Kubernetes security and compliance platform that scans Kubernetes clusters, manifests, code repositories, container registries, and images. Utilizing eBPF it sets up threat detection rules for alerting on potential malicious activities.
“ARMO has been absolutely instrumental in helping us in Orange Business to ensure and maintain the security of our managed Kubernetes clusters.
By leveraging ARMO, we’ve managed not only to greatly accelerate the detection of potential vulnerabilities and compliance issues but also simplify their remediation, allowing even junior technicians to discover and address problems well before they can reach production”
Going beyond Kubescape results saved in CRDs, ARMO Platform aggregates data in a database, making it available for cross data analysis and insights.
Kubescape works via an API with no graphical user interface. All additional analysis and dashboarding must be built outside of Kubescape.
ARMO Platform comes with a graphical user interface, which enables dashboards and graphic visualizations of Attack Paths, Runtime Incidents and RBAC.
ARMO Platform customers are entitled to the ARMO enterprise-grade premium support which is based on strict SLA for performance and bug fixes. Each customer is managed by a technical customer support account manager. They also have influence on the ARMO platform roadmap and have early access to advanced features.
ARMO Platform can be deployed as SaaS, on-premises and even air-gapped. All these options are deployed and secured by ARMO. All of these options are as secure as self-hosting Kubernetes.
Kubescape’s runtime sensor is considered to be one of the most advanced among CNCF security projects and is constantly evolving. It currently provides runtime context for vulnerability and compliance scanning, as well as runtime threat detection related to file access, process execution, and a certain level of networking. Additionally, it automates the generation of Kubernetes-native network policies.
ARMO Platform builds on the capabilities of Kubescape’s runtime sensor by adding L7 network data, application function level data, network anomaly detection, and runtime threat response. It also supports auto-creation of proprietary network policies and seccomp profiles, further lending itself to posture management.
No, While ARMO Platform utilizes Kubescape in its backend, it has moved beyond Kubernetes-native security and provides holistic analysis of security from cloud risks, through host and container risks to API, network and application function level risks including eBPF sensor for non kubernetes workloads (VMs) and cloud infrastructure capabilities such as Cloud Detection (CDR) and CSPM.
Continue as a guest