Sold by: AccuKnox
Quick Launch
KubeArmor offers robust Runtime protection for Kubernetes & other cloud workloads. Leveraging eBPF and Linux Security Modules (LSM), it enforces policy-based security measures. Safeguard your cloud native applications by limiting any suspicious behavior effectively across diversified workloads. Abstract away complexity, and embrace security.
Overview
KubeArmor enhances security in Bottlerocket deployments on Amazon EKS by restricting processes, files, network usage, safeguarding secrets, certificates, and controlling binary execution. Integrating KubeArmor as a Kubernetes daemonset and operating in systemd mode provides complete runtime security for a variety of workloads. For host protection, it employs inline prevention and best of breed Linux Security Modules, decreasing the attack surface. KubeArmor simplifies policy enforcement in multi node clusters by abstracting LSM complexities, allowing hassle free blocking rules, full monitoring, and no blind spots in visibility.
Highlights
- Add complete security to Bottlerocket deployments on Amazon EKS with KubeArmor. Limit processes, files, and network usage in your pods. Restrict access to Kubernetes security tokens for specific processes. Safeguard secrets and certificates within containers. Block updates to root certificates in specific folders. Control the execution of binaries in your containers with KubeArmor.
- KubeArmor offers complete security for a range of workloads by integrating as a Kubernetes daemonset, and Setting it up in systemd mode to run as host/system processes on bare metal, virtual machines, and containerized workloads. It uses inline prevention to reduce the attack surface, utilizing best-of-breed Linux Security Modules (LSMs) like AppArmor, BPF-LSM, and SELinux for host protection. This approach reduces the attack surface of pods, containers, and VMs.
- In a multi-node cluster, each node leveraging Linux Security Module, KubeArmor simplifies policy enforcement by abstracting away the LSMs' complexities. Hassle-free enforcement of blocking rules at the host or workload level Full control over monitoring hosts, pods, and containers No blind spots in visibility and protection for your cloud-native environment.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Quick Launch
Leverage AWS CloudFormation templates to reduce the time and resources required to configure, deploy, and launch your software.
Pricing
This product is available free of charge. Free subscriptions have no end date and may be canceled any time.
Vendor refund policy
No refunds required.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Amazon EKS console add-on
Supported services: Learn more
- Amazon EKS
EKS add-on
An add-on is software that provides supporting operational capabilities to Kubernetes applications but isn't specific to the application. This includes software like observability agents or Kubernetes drivers that allow the cluster to interact with underlying AWS resources for networking, compute, and storage. Add-on software is typically built and maintained by the Kubernetes community, cloud providers like AWS, or third-party vendors. Amazon EKS add-ons provide installation and management of a curated set of add-ons for Amazon EKS clusters. All Amazon EKS add-ons include the latest security patches and bug fixes, and are validated by AWS to work with Amazon EKS. Amazon EKS add-ons allow you to consistently ensure that your Amazon EKS clusters are secure and stable and reduce the amount of work that you need to do to install, configure, and update add-ons.
Version release notes
- Adding EKS console Add-on support
Additional details
Usage instructions
- Navigate to the Amazon EKS Console. Select an existing Amazon EKS cluster. On the cluster info page, go to the Add-ons tab info page. 2. To find more add-ons, in the middle right, select Get more add-ons. Scroll down to browse the different add-on software options available for installation from AWS Marketplace. Select AccuKnox_KubeArmor . 3. If you do not have subscription to the add-on through the AWS Marketplace, you will see a callout to subscribe to the software. Choose Next again, review the information, and choose Create. 4.In AWS CLI, describe the add-on versions for Kubecost by entering the following commands: aws eks describe-addon-versions --addon-name accuknox_KubeArmor 5. Create the add-on by entering the following command, replacing my-cluster with the cluster name: aws eks create-addon
--cluster-name my-cluster
--addon-name accuknox_KubeArmor
Support
Vendor support
Join KubeArmor Slack:
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Customer reviews
Computer & Network Security
User friendly Interface and easy to implement
Reviewed on Mar 12, 2025
Review provided by G2
What do you like best about the product?
Simple dashboard and all configurations are intact to the process and policies
What do you dislike about the product?
nothing big to high light as of now. can update if any major dislike is identified.
What problems is the product solving and how is that benefiting you?
secure the cloud application
Leave a comment0 comments
Ashleigh W.
Having performed PoC with the product and involved with discussions with the team - excellent!
Reviewed on Mar 12, 2025
Review provided by G2
What do you like best about the product?
The AccuKnox technical team really know their solution inside out.
Their attention to detail; their understanding of customer requirements are exemplary and go beyond anything.
A pleasure to work with!
Their attention to detail; their understanding of customer requirements are exemplary and go beyond anything.
A pleasure to work with!
What do you dislike about the product?
The product and documentation along with the support are all excellent. Nothing to dislike here!
What problems is the product solving and how is that benefiting you?
To protect the cloud workloads of customers. This makes for a happy customer when also these customers must comply with the relevant cyber security frameworks.
Hiral S.
Review of AccuKnox
Reviewed on Feb 06, 2025
Review provided by G2
What do you like best about the product?
AccuKnox expertise on Compliance services
What do you dislike about the product?
Response from Sales team are slow and need followups sometime
What problems is the product solving and how is that benefiting you?
AccuKnowx has created confidence in my Cloud Security.
Computer & Network Security
very recommended for high security level
Reviewed on Feb 05, 2025
Review provided by G2
What do you like best about the product?
very recommended for high security level and one IHM to manage all your tools : clouds providers , kubernetes , gitlab...
What do you dislike about the product?
everything is right nothing to mention here
What problems is the product solving and how is that benefiting you?
security managements
security managements
security managements
security managements
security managements
Kirill I.
AccuKnox review
Reviewed on Jan 26, 2025
Review provided by G2
What do you like best about the product?
Ready to improve
Quick response
Tech support
Quick response
Tech support
What do you dislike about the product?
Lack of features
Complicated on-premise implementation
Complicated on-premise implementation
What problems is the product solving and how is that benefiting you?
Container security