Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

The definitive guide to compliance with cloud-managed Kubernetes

Kubernetes has become a vital component in cloud-native infrastructure, enabling organizations to deploy and manage containerized applications at scale. However, compliance is crucial to modern infrastructure, especially for businesses that handle sensitive data. Organizations that adopt Kubernetes must thus also be sure to maintain the security of their infrastructure, as well as address compliance requirements to meet regulatory standards.

Introducing Compliance Score: simplifying compliance assessment

In today’s digital landscape, compliance with industry frameworks is vital for businesses, Kubernetes environments are no exception. That being said, Risk Score is an illusive term. It is inconsistent between scanners and is ultimately hard to explain to stakeholders. Introducing a meaningful Compliance Score, now available on ARMO Platform. The new Compliance Score offers a user-friendly method to assess compliance levels. It measures control-specific compliance and overall framework compliance.

Kubernetes compliance under GDPR

The General Data Protection Regulation (GDPR) is a data privacy and security regulation in the European Union (EU) that aims to protect individuals’ personal data collected and processed by businesses. The financial penalties for a company that is found to be non-compliant with GDPR can be significant: €20 million or 4% of its annual global revenues.

Unraveling the State of Kubernetes Security in 2023

ARMO addresses 76% of key concerns highlighted in the Red Hat 2023 Report. We analyzed one of our favorite annual reports – the Red Hat State of Kubernetes security report 2023. It’s chock full of really interesting data on one of our favorite topics: Kubernetes security! (Who knew?!) In this post we’re going to unpack some of the most compelling data points, and compare them to previous years.

Optimized Kubernetes cluster architecture: considerations and best practices

Kubernetes is a powerful platform for managing containerized applications at scale, but configuring a Kubernetes cluster can be complex and challenging. In this post, we’ll explore various key considerations for optimizing a Kubernetes cluster, including different cluster, node, and tenancy configurations. Kubernetes is a powerful platform for managing containerized applications at scale, but configuring a Kubernetes cluster can be complex and challenging.

Kubescape & Jit

Kubescape is an open-source, CNCF sandbox, end-to-end Kubernetes security tool designed to assess the security posture of Kubernetes clusters created by ARMO. It helps identify security risks and misconfigurations that could potentially be exploited by attackers, and provides automatic assistance to remediate them. Kubescape was launched less than two years ago, in August 2021, and already has more than 8.3K stars on GitHub, and over 100 open-source contributors.

Kubernetes 1.27 Release: Enhancements and Security Updates

The Kubernetes 1.27 release brings multiple enhancements and security updates, providing users with an improved, more flexible, and secure platform for building and managing containerized applications. This post will provide an overview of the security-related updates and most significant enhancements in v1.27.

Securing your CI/CD pipelines: How GitHub Actions can Help

This post discusses how GitHub Actions can enhance the security of CI/CD pipelines by automating security-related tasks and providing integration with other security tools, version control, access control, and auditing. These days, security has become more important than ever in software development processes. With cyberattacks becoming increasingly frequent and sophisticated, organizations must prioritize security throughout their software development lifecycle to protect their systems, data, and users.