Fast, on-point, actionable security advice for everything in your k8s clusters
What do you like best about the product?
ARMO does a great job fetching all known vulns in your k8s clusters and its workloads but then goes on to filter out all the non-relevant ones. Then, it makes those actionable thru Jira or Slack and it gives you all the context information for that particular vuln so as a DevSecOps engineer you can go right to work on its mitigation!
It's VERY easy to setup and implement, just a helm chart and you're good.
Integration with Slack, SSO and your code and container repositories is a snap and doing so will get the vulns a world of context for your specific situation.
Scans can be scheduled and run ad-hoc and this guarantees frequent use and fregular occurances for when things change.
Support through Slack has been very responsive so far and their engineers have always been able to resolve issues within a few hours or days at worst.
It's VERY easy to setup and implement, just a helm chart and you're good.
Integration with Slack, SSO and your code and container repositories is a snap and doing so will get the vulns a world of context for your specific situation.
Scans can be scheduled and run ad-hoc and this guarantees frequent use and fregular occurances for when things change.
Support through Slack has been very responsive so far and their engineers have always been able to resolve issues within a few hours or days at worst.
What do you dislike about the product?
It's not yet always obvious where a vuln is coming from, i.e. what's the final actor that introduced it to make it releveant.
What problems is the product solving and how is that benefiting you?
While SAST and checkov/kubelint go a long way towards securing your k8s design, you don't always know what affect workloads will have in your k8s clusters and what containers bring that may weaken your posture and attack surface.
While we can do our best to secure and "shift left" as much as possible in the SDLC, ultimately you also need eyes on the runtime state in k8s. That's what ARMO kubescape provides. You can use a multitude of OSS tools (checkov, trivy, harbor, dependency track) but you'll have to create your own dashboards and reporting for them. ARMO does that with ease and speed, but... it also adds relevancy to the vulns found so do not have to filter through 1500+ false alarms or irrelevant vuln because the faulty component is not in your runtime.
ARMO results in concise, to-the-point, actionable vulns with as much contet information that it can provide to enable an engineer to resolve the issue as efficiently as possible.
Additionally, the Attack Path feature shows non-tech people or developers exactly why they need to monitor and update their components so the outdated dependencies they introduce do not lead to exploitable weaknesses at runtime in your k8s clusters.
While we can do our best to secure and "shift left" as much as possible in the SDLC, ultimately you also need eyes on the runtime state in k8s. That's what ARMO kubescape provides. You can use a multitude of OSS tools (checkov, trivy, harbor, dependency track) but you'll have to create your own dashboards and reporting for them. ARMO does that with ease and speed, but... it also adds relevancy to the vulns found so do not have to filter through 1500+ false alarms or irrelevant vuln because the faulty component is not in your runtime.
ARMO results in concise, to-the-point, actionable vulns with as much contet information that it can provide to enable an engineer to resolve the issue as efficiently as possible.
Additionally, the Attack Path feature shows non-tech people or developers exactly why they need to monitor and update their components so the outdated dependencies they introduce do not lead to exploitable weaknesses at runtime in your k8s clusters.