Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
A Powerful Security Tool for the Kubernetes ecosystem
What do you like best about the product?
ARMO's Kubescape is an outstanding security tool that has become an integral part of our Kubernetes ecosystem. As an open-source solution, it offers robust security scanning capabilities that ensure our clusters remain secure and compliant with industry best practices.
One of the standout features of Kubescape is its comprehensive scanning engine, which covers everything from misconfigurations to vulnerabilities across our Kubernetes clusters. It seamlessly identifies security risks based on the CIS Kubernetes Benchmark and NSA-CISA Kubernetes Hardening Guidance, giving us peace of mind that our infrastructure is well-protected.
Kubescape’s integration with our GitHub Actions workflow has been a game-changer. The ease with which it fits into our CI/CD pipeline means we can automatically scan our Kubernetes manifests and Helm charts during every pull request. This early detection of security issues helps us maintain a high level of security without slowing down our development process. The setup was straightforward, and the feedback is immediate, allowing us to catch and resolve issues before they make it to production.
The tool's detailed reports and actionable insights are invaluable for our team. The ability to visualize the security posture of our clusters and track improvements over time has significantly enhanced our security operations. Kubescape's intuitive interface makes it easy for both developers and security teams to collaborate and ensure that security is a shared responsibility.
In summary, ARMO's Kubescape is a must-have for any organization running Kubernetes. Its powerful scanning capabilities, combined with seamless GitHub Actions integration, make it an essential tool for maintaining a secure and compliant Kubernetes environment. We highly recommend it to any team looking to enhance their Kubernetes security posture without adding complexity to their workflows.
One of the standout features of Kubescape is its comprehensive scanning engine, which covers everything from misconfigurations to vulnerabilities across our Kubernetes clusters. It seamlessly identifies security risks based on the CIS Kubernetes Benchmark and NSA-CISA Kubernetes Hardening Guidance, giving us peace of mind that our infrastructure is well-protected.
Kubescape’s integration with our GitHub Actions workflow has been a game-changer. The ease with which it fits into our CI/CD pipeline means we can automatically scan our Kubernetes manifests and Helm charts during every pull request. This early detection of security issues helps us maintain a high level of security without slowing down our development process. The setup was straightforward, and the feedback is immediate, allowing us to catch and resolve issues before they make it to production.
The tool's detailed reports and actionable insights are invaluable for our team. The ability to visualize the security posture of our clusters and track improvements over time has significantly enhanced our security operations. Kubescape's intuitive interface makes it easy for both developers and security teams to collaborate and ensure that security is a shared responsibility.
In summary, ARMO's Kubescape is a must-have for any organization running Kubernetes. Its powerful scanning capabilities, combined with seamless GitHub Actions integration, make it an essential tool for maintaining a secure and compliant Kubernetes environment. We highly recommend it to any team looking to enhance their Kubernetes security posture without adding complexity to their workflows.
What do you dislike about the product?
We didn't identify any issues so far while deploying it on our clusters.
What problems is the product solving and how is that benefiting you?
Mitigating CVE shock and making it very easy to identify where the main issues are within our clusters, helm charts and docker images.
- Leave a Comment |
- Mark review as helpful
Best security platform for Kubernetes
What do you like best about the product?
Armo is able to gather in a synthetic and nice-looking interface, a lot of data that I'm used to collect from so many different tools. Moreover, it aims to deliver ready-to-use and easy-to-understand actions. The visual approach, such as diagrams of attack paths, or diffing YAML manifests for showing us how to improve security by changing kubernetes resources, is a game changer !
What do you dislike about the product?
While the installation and integration is pretty straightforward thanks to their Helm chart, the toolset that needs to be deployed on each cluster is pretty large, with many deployments, statefulsets and cronjobs.
What problems is the product solving and how is that benefiting you?
ARMO can help security team that does not have a large knowledge in Kubernetes to understand what does matter and where to focus.
Great security platform
What do you like best about the product?
It's a great tool that let's you focus on the security risks that matter! Also customer support is very helpful and fast.
What do you dislike about the product?
The setup can be complicated at the start, but luckily customer support is there to help you.
What problems is the product solving and how is that benefiting you?
It helps us to focus on the security issues that matter and not let us drown in a sea of vulnerabilities.
Best security compliance solution
What do you like best about the product?
Real time informations and how accurate it is, free plan
What do you dislike about the product?
Pricing, high learning curve and integration with other tools
What problems is the product solving and how is that benefiting you?
Managing outdated versions and improve how to plan maintance and updates.
Fantastic Kubernetes security platform
What do you like best about the product?
Real time attack surface reduction within Azure DevOp's with contextual and actiuonable insights. Misconfigurations within code and the remediation steps required to resolve are easy to follow and offer a wide range of options to bring around a resolution.
ARMO has fantastic granular SSO controls, AMRO's "CVE Relevancy" feature is a differentiator & particularlly the "Vul spotlight" insights have had a huge help in reducing the noise of CVE's.
Fantastic tool with a great UI interface,
ARMO has fantastic granular SSO controls, AMRO's "CVE Relevancy" feature is a differentiator & particularlly the "Vul spotlight" insights have had a huge help in reducing the noise of CVE's.
Fantastic tool with a great UI interface,
What do you dislike about the product?
Setup and implimentation requires helm chart - A more less technical method of onboarding would be request a service principle in azure for all the access requirments.
What problems is the product solving and how is that benefiting you?
Armo has provided a massive insight into Kubernetes and all the vulnerabilities that truly matter with the Spotlight feature.
First rate vulnerability management for Kubernetes
What do you like best about the product?
My favourite feature are the dashboards that score your security posture in line with security standards. As you resolve security issues, your score increases and this can be seen over time. This makes it easy to understand how your posture has improved over time and helps articulate value to the rest of the business.
It also does a great job of suggesting fixes in ways that non-k8s pros will appreciate and understand
It also does a great job of suggesting fixes in ways that non-k8s pros will appreciate and understand
What do you dislike about the product?
We had a small number of integegration issues that were quickly resolved by the support team. In all honesty there wasn't much to dislike during our implementation
What problems is the product solving and how is that benefiting you?
It is helping us both visualise our security posture and articulate how we have improved it over time to senior management
Fast, on-point, actionable security advice for everything in your k8s clusters
What do you like best about the product?
ARMO does a great job fetching all known vulns in your k8s clusters and its workloads but then goes on to filter out all the non-relevant ones. Then, it makes those actionable thru Jira or Slack and it gives you all the context information for that particular vuln so as a DevSecOps engineer you can go right to work on its mitigation!
It's VERY easy to setup and implement, just a helm chart and you're good.
Integration with Slack, SSO and your code and container repositories is a snap and doing so will get the vulns a world of context for your specific situation.
Scans can be scheduled and run ad-hoc and this guarantees frequent use and fregular occurances for when things change.
Support through Slack has been very responsive so far and their engineers have always been able to resolve issues within a few hours or days at worst.
It's VERY easy to setup and implement, just a helm chart and you're good.
Integration with Slack, SSO and your code and container repositories is a snap and doing so will get the vulns a world of context for your specific situation.
Scans can be scheduled and run ad-hoc and this guarantees frequent use and fregular occurances for when things change.
Support through Slack has been very responsive so far and their engineers have always been able to resolve issues within a few hours or days at worst.
What do you dislike about the product?
It's not yet always obvious where a vuln is coming from, i.e. what's the final actor that introduced it to make it releveant.
What problems is the product solving and how is that benefiting you?
While SAST and checkov/kubelint go a long way towards securing your k8s design, you don't always know what affect workloads will have in your k8s clusters and what containers bring that may weaken your posture and attack surface.
While we can do our best to secure and "shift left" as much as possible in the SDLC, ultimately you also need eyes on the runtime state in k8s. That's what ARMO kubescape provides. You can use a multitude of OSS tools (checkov, trivy, harbor, dependency track) but you'll have to create your own dashboards and reporting for them. ARMO does that with ease and speed, but... it also adds relevancy to the vulns found so do not have to filter through 1500+ false alarms or irrelevant vuln because the faulty component is not in your runtime.
ARMO results in concise, to-the-point, actionable vulns with as much contet information that it can provide to enable an engineer to resolve the issue as efficiently as possible.
Additionally, the Attack Path feature shows non-tech people or developers exactly why they need to monitor and update their components so the outdated dependencies they introduce do not lead to exploitable weaknesses at runtime in your k8s clusters.
While we can do our best to secure and "shift left" as much as possible in the SDLC, ultimately you also need eyes on the runtime state in k8s. That's what ARMO kubescape provides. You can use a multitude of OSS tools (checkov, trivy, harbor, dependency track) but you'll have to create your own dashboards and reporting for them. ARMO does that with ease and speed, but... it also adds relevancy to the vulns found so do not have to filter through 1500+ false alarms or irrelevant vuln because the faulty component is not in your runtime.
ARMO results in concise, to-the-point, actionable vulns with as much contet information that it can provide to enable an engineer to resolve the issue as efficiently as possible.
Additionally, the Attack Path feature shows non-tech people or developers exactly why they need to monitor and update their components so the outdated dependencies they introduce do not lead to exploitable weaknesses at runtime in your k8s clusters.
Fortifying DevOps with Open-Source Kubernetes Security Excellence
What do you like best about the product?
ARMO may offer a comprehensive suite of security solutions for Kubernetes, addressing various aspects of DevOps security concerns. This could include features such as container security, network security, and access controls.The fact that ARMO is open-source can be a significant advantage. Open-source solutions often foster collaboration, transparency, and community-driven improvements, allowing users to benefit from collective expertise.
What do you dislike about the product?
ARMO has a steep learning curve or requires significant time and effort to set up and configure, some users may find it challenging, especially those looking for quick and straightforward solutions.Security solutions can sometimes be resource-intensive. If ARMO significantly affects system performance or consumes substantial resources, it could be a drawback, especially in resource-constrained environments.
What problems is the product solving and how is that benefiting you?
Vulnerability Management,Runtime Protection,Access Control,Network Security
Best security compliance solution ever worked with.
What do you like best about the product?
Enhanced safety measures and tracking of productivity,
Without affecting the organization's ecosystem.
Neutralizing the threats.
Without affecting the organization's ecosystem.
Neutralizing the threats.
What do you dislike about the product?
Not detected anything to dislike so far.
What problems is the product solving and how is that benefiting you?
Maintains cloud and container security along with the compliances.
ARMO review
What do you like best about the product?
I am a DevOps enthusiast. I work with Kubernetes and ARMO helps in protecting my workloads from threats. It is very easy to use.
What do you dislike about the product?
Cost is higher than any other Kubernetes security platforms. It is still under its development stage.
What problems is the product solving and how is that benefiting you?
It is one of the Kubernetes security platforms that almost many of the developers are using these days and are giving positive reviews. Has a user friendly UI, it is scalable and comprehensive. but cost is little higher than any other Kubernetes security platforms. It also has a good customer support service.
showing 1 - 10