Cybersecurity company Armo has announced that an open-source project it developed is being donated to the Cloud Native Computing Foundation (CNCF) as a Sandbox project. Kubescape is an end-to-end security platform for Kubernetes, and is the first security scanner under the CNCF umbrella, according to Armo.

“ARMO’s commitment to open source means ensuring Kubescape is free, open and always improving to become the end-to-end open-source Kubernetes security platform of choice,” said Shauli Rozen, co-founder and CEO of ARMO. “I’m proud that Kubescape’s acceptance by the CNCF cements this commitment. ARMO remains dedicated to making Kubescape the best open source Kubernetes security platform, and ARMO Platform the best enterprise version for Kubescape.  We strive to provide the best and simplest option for organizations to get the benefits of Kubescape with enterprise-level service support and features, to ensure the most complete security experience.”

Armo will continue to lead development of Kubescape and continue its commitment of making “Kubernetes security a simple and trustworthy DevOps-first experience.” 

Key features of Kubescape include risk analysis, security compliance, and misconfiguration scanning. 

It can scan clusters, YAML files, and Helm charts against a number of frameworks, such as NSA-CISA, MITRE ATT&CK, and the CIS Benchmark. 

To verify Kubernetes objects it also uses Open Policy Agent, which is another CNCF project. 

Scan results are available in a number of formats, including JSON, junit XML, HTML, PDF, or submitted to a cloud service. 

In addition to this news, the company also announced the launch of Armo Platform, which is an enterprise offering of Kubescape, providing full enterprise-grade support, maintenance and additional features.