Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Very useful tool to harden and monitor vulnerabilities in real time
What do you like best about the product?
Whilst configuring first clusters it is important to be able to harden the cluster. Easy to implement as well
What do you dislike about the product?
Used only short time. No negative experiences so far.
What problems is the product solving and how is that benefiting you?
HArdening and monitoring Kubernetes for vulnerabilities
- Leave a Comment |
- Mark review as helpful
The ARMO Platform has saved us time and cloud costs.
What do you like best about the product?
The ARMO Platform has cut our cloud costs for our Intrusion Detection Service (one of our most costly products) by 80%.
What do you dislike about the product?
ARMO is coming out with many new features. They seem helpful after a demo, but it isn't always clear how we can use them for actionable insights.
What problems is the product solving and how is that benefiting you?
ARMO is primarily solving the Intrusion Detection problem. We need to know if an attacker has successfully penetrated one of services. While that was the primary factor that led us to purchase the ARMO Platform, we've since found additional features that have added significant value. Specifically, when a vulnerability is detected in our tech stack we can see in which container the vulnerability was found, but don't have the critical data we need to prioritize the remediation. ARMO can tell us if the vulnerability is actually present in our code running in production or merely present in the process used to build the container. It can also give us critical information like exploitability that we can use to determine the priority and critical nature of the issue.
A Powerful Security Tool for the Kubernetes ecosystem
What do you like best about the product?
ARMO's Kubescape is an outstanding security tool that has become an integral part of our Kubernetes ecosystem. As an open-source solution, it offers robust security scanning capabilities that ensure our clusters remain secure and compliant with industry best practices.
One of the standout features of Kubescape is its comprehensive scanning engine, which covers everything from misconfigurations to vulnerabilities across our Kubernetes clusters. It seamlessly identifies security risks based on the CIS Kubernetes Benchmark and NSA-CISA Kubernetes Hardening Guidance, giving us peace of mind that our infrastructure is well-protected.
Kubescape’s integration with our GitHub Actions workflow has been a game-changer. The ease with which it fits into our CI/CD pipeline means we can automatically scan our Kubernetes manifests and Helm charts during every pull request. This early detection of security issues helps us maintain a high level of security without slowing down our development process. The setup was straightforward, and the feedback is immediate, allowing us to catch and resolve issues before they make it to production.
The tool's detailed reports and actionable insights are invaluable for our team. The ability to visualize the security posture of our clusters and track improvements over time has significantly enhanced our security operations. Kubescape's intuitive interface makes it easy for both developers and security teams to collaborate and ensure that security is a shared responsibility.
In summary, ARMO's Kubescape is a must-have for any organization running Kubernetes. Its powerful scanning capabilities, combined with seamless GitHub Actions integration, make it an essential tool for maintaining a secure and compliant Kubernetes environment. We highly recommend it to any team looking to enhance their Kubernetes security posture without adding complexity to their workflows.
One of the standout features of Kubescape is its comprehensive scanning engine, which covers everything from misconfigurations to vulnerabilities across our Kubernetes clusters. It seamlessly identifies security risks based on the CIS Kubernetes Benchmark and NSA-CISA Kubernetes Hardening Guidance, giving us peace of mind that our infrastructure is well-protected.
Kubescape’s integration with our GitHub Actions workflow has been a game-changer. The ease with which it fits into our CI/CD pipeline means we can automatically scan our Kubernetes manifests and Helm charts during every pull request. This early detection of security issues helps us maintain a high level of security without slowing down our development process. The setup was straightforward, and the feedback is immediate, allowing us to catch and resolve issues before they make it to production.
The tool's detailed reports and actionable insights are invaluable for our team. The ability to visualize the security posture of our clusters and track improvements over time has significantly enhanced our security operations. Kubescape's intuitive interface makes it easy for both developers and security teams to collaborate and ensure that security is a shared responsibility.
In summary, ARMO's Kubescape is a must-have for any organization running Kubernetes. Its powerful scanning capabilities, combined with seamless GitHub Actions integration, make it an essential tool for maintaining a secure and compliant Kubernetes environment. We highly recommend it to any team looking to enhance their Kubernetes security posture without adding complexity to their workflows.
What do you dislike about the product?
We didn't identify any issues so far while deploying it on our clusters.
What problems is the product solving and how is that benefiting you?
Mitigating CVE shock and making it very easy to identify where the main issues are within our clusters, helm charts and docker images.
Best security platform for Kubernetes
What do you like best about the product?
Armo is able to gather in a synthetic and nice-looking interface, a lot of data that I'm used to collect from so many different tools. Moreover, it aims to deliver ready-to-use and easy-to-understand actions. The visual approach, such as diagrams of attack paths, or diffing YAML manifests for showing us how to improve security by changing kubernetes resources, is a game changer !
What do you dislike about the product?
While the installation and integration is pretty straightforward thanks to their Helm chart, the toolset that needs to be deployed on each cluster is pretty large, with many deployments, statefulsets and cronjobs.
What problems is the product solving and how is that benefiting you?
ARMO can help security team that does not have a large knowledge in Kubernetes to understand what does matter and where to focus.
Great security platform
What do you like best about the product?
It's a great tool that let's you focus on the security risks that matter! Also customer support is very helpful and fast.
What do you dislike about the product?
The setup can be complicated at the start, but luckily customer support is there to help you.
What problems is the product solving and how is that benefiting you?
It helps us to focus on the security issues that matter and not let us drown in a sea of vulnerabilities.
Best security compliance solution
What do you like best about the product?
Real time informations and how accurate it is, free plan
What do you dislike about the product?
Pricing, high learning curve and integration with other tools
What problems is the product solving and how is that benefiting you?
Managing outdated versions and improve how to plan maintance and updates.
Fantastic Kubernetes security platform
What do you like best about the product?
Real time attack surface reduction within Azure DevOp's with contextual and actiuonable insights. Misconfigurations within code and the remediation steps required to resolve are easy to follow and offer a wide range of options to bring around a resolution.
ARMO has fantastic granular SSO controls, AMRO's "CVE Relevancy" feature is a differentiator & particularlly the "Vul spotlight" insights have had a huge help in reducing the noise of CVE's.
Fantastic tool with a great UI interface,
ARMO has fantastic granular SSO controls, AMRO's "CVE Relevancy" feature is a differentiator & particularlly the "Vul spotlight" insights have had a huge help in reducing the noise of CVE's.
Fantastic tool with a great UI interface,
What do you dislike about the product?
Setup and implimentation requires helm chart - A more less technical method of onboarding would be request a service principle in azure for all the access requirments.
What problems is the product solving and how is that benefiting you?
Armo has provided a massive insight into Kubernetes and all the vulnerabilities that truly matter with the Spotlight feature.
First rate vulnerability management for Kubernetes
What do you like best about the product?
My favourite feature are the dashboards that score your security posture in line with security standards. As you resolve security issues, your score increases and this can be seen over time. This makes it easy to understand how your posture has improved over time and helps articulate value to the rest of the business.
It also does a great job of suggesting fixes in ways that non-k8s pros will appreciate and understand
It also does a great job of suggesting fixes in ways that non-k8s pros will appreciate and understand
What do you dislike about the product?
We had a small number of integegration issues that were quickly resolved by the support team. In all honesty there wasn't much to dislike during our implementation
What problems is the product solving and how is that benefiting you?
It is helping us both visualise our security posture and articulate how we have improved it over time to senior management
Fast, on-point, actionable security advice for everything in your k8s clusters
What do you like best about the product?
ARMO does a great job fetching all known vulns in your k8s clusters and its workloads but then goes on to filter out all the non-relevant ones. Then, it makes those actionable thru Jira or Slack and it gives you all the context information for that particular vuln so as a DevSecOps engineer you can go right to work on its mitigation!
It's VERY easy to setup and implement, just a helm chart and you're good.
Integration with Slack, SSO and your code and container repositories is a snap and doing so will get the vulns a world of context for your specific situation.
Scans can be scheduled and run ad-hoc and this guarantees frequent use and fregular occurances for when things change.
Support through Slack has been very responsive so far and their engineers have always been able to resolve issues within a few hours or days at worst.
It's VERY easy to setup and implement, just a helm chart and you're good.
Integration with Slack, SSO and your code and container repositories is a snap and doing so will get the vulns a world of context for your specific situation.
Scans can be scheduled and run ad-hoc and this guarantees frequent use and fregular occurances for when things change.
Support through Slack has been very responsive so far and their engineers have always been able to resolve issues within a few hours or days at worst.
What do you dislike about the product?
It's not yet always obvious where a vuln is coming from, i.e. what's the final actor that introduced it to make it releveant.
What problems is the product solving and how is that benefiting you?
While SAST and checkov/kubelint go a long way towards securing your k8s design, you don't always know what affect workloads will have in your k8s clusters and what containers bring that may weaken your posture and attack surface.
While we can do our best to secure and "shift left" as much as possible in the SDLC, ultimately you also need eyes on the runtime state in k8s. That's what ARMO kubescape provides. You can use a multitude of OSS tools (checkov, trivy, harbor, dependency track) but you'll have to create your own dashboards and reporting for them. ARMO does that with ease and speed, but... it also adds relevancy to the vulns found so do not have to filter through 1500+ false alarms or irrelevant vuln because the faulty component is not in your runtime.
ARMO results in concise, to-the-point, actionable vulns with as much contet information that it can provide to enable an engineer to resolve the issue as efficiently as possible.
Additionally, the Attack Path feature shows non-tech people or developers exactly why they need to monitor and update their components so the outdated dependencies they introduce do not lead to exploitable weaknesses at runtime in your k8s clusters.
While we can do our best to secure and "shift left" as much as possible in the SDLC, ultimately you also need eyes on the runtime state in k8s. That's what ARMO kubescape provides. You can use a multitude of OSS tools (checkov, trivy, harbor, dependency track) but you'll have to create your own dashboards and reporting for them. ARMO does that with ease and speed, but... it also adds relevancy to the vulns found so do not have to filter through 1500+ false alarms or irrelevant vuln because the faulty component is not in your runtime.
ARMO results in concise, to-the-point, actionable vulns with as much contet information that it can provide to enable an engineer to resolve the issue as efficiently as possible.
Additionally, the Attack Path feature shows non-tech people or developers exactly why they need to monitor and update their components so the outdated dependencies they introduce do not lead to exploitable weaknesses at runtime in your k8s clusters.
Fortifying DevOps with Open-Source Kubernetes Security Excellence
What do you like best about the product?
ARMO may offer a comprehensive suite of security solutions for Kubernetes, addressing various aspects of DevOps security concerns. This could include features such as container security, network security, and access controls.The fact that ARMO is open-source can be a significant advantage. Open-source solutions often foster collaboration, transparency, and community-driven improvements, allowing users to benefit from collective expertise.
What do you dislike about the product?
ARMO has a steep learning curve or requires significant time and effort to set up and configure, some users may find it challenging, especially those looking for quick and straightforward solutions.Security solutions can sometimes be resource-intensive. If ARMO significantly affects system performance or consumes substantial resources, it could be a drawback, especially in resource-constrained environments.
What problems is the product solving and how is that benefiting you?
Vulnerability Management,Runtime Protection,Access Control,Network Security
showing 1 - 10