Kubescape

kubescape.ioLaunched 2021

Open-source Kubernetes Security: Practical, End-to-End Coverage

Visit
Kubescape screenshot
/ About /

Kubescape is an open-source Kubernetes security platform that provides configuration scanning, vulnerability assessment, policy enforcement, network policy validation, and runtime threat detection for Kubernetes environments. It supports multiple compliance frameworks including CIS Benchmarks, NSA-CISA, and MITRE ATT&CK, and integrates with popular IDEs and CI/CD pipelines. Created by ARMO, it is a CNCF incubating project built on tools like Open Policy Agent, Grype, and eBPF.

/ How it works /

Kubescape retrieves Kubernetes objects from the API server, runs Rego-based posture controls via Open Policy Agent, and performs image scanning and runtime monitoring using integrated open-source tools.

/ Who it's for /

Kubernetes engineers and platform operators

/ More info /

Background.

Status
launched
Business model
open-source
Company
ARMO
Launched
2021
/ Discovered patterns /

Similar projects.

Coming soonSpektrail’s read on Security

Editorial take on the space this project sits in — momentum signals, adjacent moves, our call on whether the wedge is real. Get pinged when we publish a new read or when the landscape shifts.

Coming soon

Have a take on this space?

Tell us what you’d build differently, where you think the incumbents miss, or what we’ve gotten wrong about this project. Comments + reactions are coming soon.