ARMO, the authors of the Kubernetes open source security project Kubescape, said today that the first end-to-end open source Kubernetes security platform will receive $30 million in investment. The Series A investment, headed by Tiger Global alongside Hyperwise Ventures and participation from current investors Pitango First and Peled Ventures, will ensure that the whole Kubernetes community has access to an open, transparent, and fully customizable security solution.
The open source container orchestration solution Kubernetes has become the de-facto operating system for cloud-native apps, making Kubernetes security more important than ever. There is, however, no open source project that delivers a complete end-to-end Kubernetes security solution out of the box. Current open source Kubernetes security technologies are restricted, fragmented, difficult to administer and monitor, and take a significant amount of effort to generate synergies, pushing enterprises to use commercial closed source solutions.
“DevOps teams are responsible for the security of Kubernetes and they prefer to use an open source for it, but they also need the solution to be end-to-end and fit natively into their existing stack,” said Shauli Rozen, CEO & co-founder of ARMO. “Companies are being forced to choose: either try to integrate several different open source tools together or commit to a proprietary solution that you can’t adapt, access the code, influence the roadmap or contribute to.”
Kubescape is the first end-to-end open source Kubernetes security framework in development. Kubescape as a cloud SaaS has swiftly grown in popularity, becoming one of the fastest-growing open source Kubernetes security tools, with tens of thousands of users and over 2,500 registered customers. ARMO is dedicated to creating and maintaining a Kubernetes security platform that is 100 percent open source from start to finish.
Based on NSA-CISA hardening advice, MITRE ATT&CK, and other DevOps frameworks and vulnerability databases, Kubescape searches configuration files (i.e. YAML and Helm), Kubernetes clusters, and worker nodes for misconfigurations and known vulnerabilities, computing risk scores and trends. The connectivity of roles and privileges between different components of a Kubernetes cluster is visualised using a robust Role-Based Access Control (RBAC) module. Kubescape already provides all of these features, acting as a “single pane of glass” for an organization’s Kubernetes security. Kubescape explains why controls fail and suggests configuration changes to improve security posture for developers and DevOps teams.
Shauli Rozen, Leonid Sandler, and Ben Hirschberg founded ARMO. It plans to use the new funding to expand by building new offices and recruiting more people internationally, as well as hiring more developers to work on Kubescape and investing in its open source community. In addition, the company will grow its product and marketing teams.
“Kubernetes is open source, and Kubernetes security should be open source too, following the same culture of transparency and collaboration,” said John Curtius, Partner at Tiger Global.” ARMO is unique because they’re committed to a complete open source security solution for Kubernetes, so everyone can benefit from – and contribute to – the most secure platform available.”
“Kubernetes just keeps growing; securing Kubernetes means securing the infrastructure on which all modern microservice applications depend,” said Nathan Shuchami, managing partner with Hyperwise Ventures. “But it also means critical misconfigurations and potential vulnerabilities at many different levels. Kubernetes security is a complex problem. ARMO’s commitment to an open source, end to end solution to the entire challenge made it stand out, and Kubescape’s success just shows how much it’s needed.”
