What do you like best about the product?

Comprehensive security solution: ARMO Sec offers an all-in-one platform for cloud-native applications, Kubernetes, and container security. It has been very helpful in safeguarding my company's infrastructure and protecting us from various security threats. Their focus on a zero-trust security model ensures that every workload is secured, regardless of its location.

Ease of deployment: ARMO's solution is straightforward to deploy and integrate with our existing infrastructure. Its seamless integration with Kubernetes and other container orchestrators has made it easy for our team to manage and maintain our security posture.

Real-time threat detection and response: One of the most significant advantages of ARMO Sec is its ability to detect and respond to security threats in real-time. This capability has helped us identify and mitigate risks before they could cause significant damage to our infrastructure.

Excellent customer support: ARMO's customer support team has been very responsive and helpful whenever we have faced any issues or had any questions. Their expertise in the field has been invaluable in ensuring that our security needs are addressed quickly and effectively.

What do you dislike about the product?

Pricing: Although ARMO Sec provides a robust security solution, its pricing structure can be a bit high for small businesses and startups. It would be helpful if they offered more flexible pricing options or scaled-down versions of their product to cater to a broader range of customers.

Learning curve: While the platform itself is easy to deploy, there is a bit of a learning curve when it comes to understanding and utilizing all the features that ARMO Sec offers. They could improve their documentation and provide more comprehensive tutorials to help users navigate the platform more efficiently.

Limited third-party integrations: Although ARMO Sec works well with Kubernetes and other container orchestrators, it would be beneficial to see more third-party integrations to enhance its capabilities further. Integrations with popular security information and event management (SIEM) systems and other security tools could make ARMO Sec an even more comprehensive solution.

What problems is the product solving and how is that benefiting you?

ARMO is a security platform designed to address the challenges associated with securing cloud-native applications, Kubernetes, and container environments. As a customer, I have experienced several benefits from using ARMO's solution to solve some critical problems in my organization's infrastructure.

Securing the dynamic and distributed nature of modern applications: With the rise of microservices and containerized applications, traditional security approaches often fall short. ARMO's platform has helped us secure our complex and distributed applications by embedding security directly into the workloads, ensuring protection regardless of their location. This zero-trust security model has provided a more reliable and robust security layer than traditional perimeter-based approaches.

Simplifying security management: As a company using Kubernetes and container technologies, we were previously struggling to manage and maintain our security posture due to the complexity of these environments. ARMO's seamless integration with Kubernetes and other container orchestrators has simplified this process for us, allowing our team to focus on other essential tasks while being confident in our security measures.

Real-time threat detection and response: One of the significant challenges in modern application security is identifying and mitigating threats in real-time. ARMO's platform has addressed this issue by providing real-time threat detection and response capabilities. This feature has enabled us to rapidly identify and address potential risks, minimizing the impact on our infrastructure and reducing the likelihood of costly breaches.

Compliance and visibility: Ensuring compliance with industry standards and regulations is essential for our organization. ARMO's platform has helped us achieve and maintain compliance by providing a clear and centralized view of our security posture, allowing us to quickly identify and address any gaps. The platform's ability to provide real-time visibility into our security status has been instrumental in ensuring that we meet our regulatory requirements.

Reducing security overhead: Traditional security methods often require significant overhead, including manual configuration and management of various security components. By offering a comprehensive and automated solution, ARMO has helped us reduce this overhead, saving us both time and resources. This reduction in overhead has allowed our organization to allocate more resources to other essential tasks and focus on growth.

Scalability: As our organization continues to grow, so do our security needs. ARMO's platform has proven to be highly scalable, allowing us to adapt and expand our security measures as our infrastructure evolves. This scalability ensures that we can maintain a robust security posture even as our application environments become more complex.

In summary, ARMO is solving critical problems related to securing modern, cloud-native applications, Kubernetes, and container environments. As a customer, I have benefited from ARMO's ability to secure our complex and distributed applications, simplify security management, provide real-time threat detection and response, ensure compliance and visibility, reduce security overhead, and offer a scalable solution that can grow with our organization. The platform's comprehensive approach to security has helped us mitigate risks, protect our infrastructure, and maintain a strong security posture in a rapidly evolving landscape.

What do you like best about the product?

- easy CLI and operator based. installation
- focus on current CVEs affecting Kubernetes
- RBAC visualizer is useful in spotting weakness
- Alignment with benchmarks like NIST, CIS etc

What do you dislike about the product?

- RBAC visualizer is useful but for a large cluster, it becomes difficult to use.

What problems is the product solving and how is that benefiting you?

I use ARMO / Kubescape whenever I onboard any client in my consulting work to quickly get an idea about their security posture. Also, a lot of them want to align with Industry best practices, where it really shines.
Another useful feature is identifying the evolving vulnerabilities affecting Kubernetes and these dynamic checks are quite useful to prevent emerging attacks.

What do you like best about the product?

Armo's Kubescape provides information about misconfigurations and vulnerabilities in a Kubernetes cluster through the CLI or the UI. With over 80 controls, kubescape scans all possible best practices and vulnerabilities along with providing a detailed description of what the control is and how it can be fixed. The image scanning feature in the SaaS product is an excellent addition to improving the security posture of the cluster. The RBAC visualiser allows us to look at the RBAC set-up in the cluster and identify if there are any privileged roles/users. The filtering/scanning capabilities in the UI are excellent allowing a great deal of customizability.

What do you dislike about the product?

The lack of notification integrations for notifying new vulnerabilities in the cluster limits us to one notification channel and does not allow us to use a notification channel of our choice. Certain features are dependent on the SaaS product by Armo such as custom frameworks, controls, and image scanning and cannot be used in CICD. The lack of ability to customise controls per cluster is not helpful.

What problems is the product solving and how is that benefiting you?

We use Armo's Kubescape to scan our Kubernetes cluster manifests and helm charts before the manifests are applied to a cluster using Kubescape's Github actions. Kubescape is also installed in the cluster which scans the cluster periodically for vulnerabilities/misconfigurations and alerts us regarding the same. We are able to catch misconfigurations and implement best practices before the application workload reaches production through Armo's Kubescape.