Today, security company ARMO announced that it has raised $30 million in series A funding for the first fully open-source Kubernetes security platform, Kubescape.

The solution can scan Kubernetes deployments for misconfigurations and vulnerabilities across the entire software development lifecycle, calculate risk scores instantly, highlight risk trends, and automatically suggest changes to configuration files.

In other words, Kubescape aims to offer enterprises a single pane of glass for securing Kubernetes environments that security teams can use to scan for misconfigurations and vulnerabilities, rather than relying on a disparate patchwork of isolated open-source security tools.

The need for a unified Kubernetes security solution

While there are a number of existing open-source tools for Kubernetes security, these tools have been siloed and are often designed for individual jobs rather than as a complete security solution. For human analysts, the high number of these security tools has increased complexity.

“One of the main issues with Kubernetes security today is that while the developers who are responsible for securing Kubernetes are most comfortable working with open-source tools — enjoying the flexibility, transparency and adaptability they offer — the comprehensive security tools that can do everything they actually need for K8s are proprietary closed-source solutions,” said cofounder and CEO of ARMO, Shauli Rozen.

“Today in order to achieve an end-to-end K8s security solution, you basically have two options: The first is to enroll in a commercial solution that you have to register and will have to pay for eventually. The second is to cobble together an end-to-end solution by combining numerous and fragmented open-source utilities and tools that must then be integrated together, are complex to monitor and manage, and require a large amount of effort to generate synergy,” Rozen said.

ARMO’s solution to this challenge is to provide enterprises with a unified open-source Kubernetes security platform that integrates natively with other DevOps tools they use, and gives security teams the ability to solve runtime security problems.

One feature that supports this is assisted remediation, which can show users exactly where Kubernetes resources have failed and the root cause, down to the specific line in the resource definition file, with the platform offering to fix and even add missing lines if needed.

The Kubernetes security market

ARMO is part of the global container and Kubernetes security market, which researchers valued at $714 million in 2020 and project will reach a value of $8.24 billion by 2030 as more organizations seek solutions to manage misconfigurations, runtime security incidents and security vulnerabilities.

The vendor is competing against a number of established competitors, including Palo Alto Networks with Prisma Cloud, which offers Cloud Security Posture Management (CSPM) and Cloud Workload Protection (CWP) for hosts, containers and serverless deployments in Kubernetes environments. The organization recently announced it had generated $4.3 billion in revenue in 2021.

Another competitor is Aqua Security, which offers a Kubernetes Security Posture Management solution designed to protect and ensure the compliance of K8s applications with security assessments and automated compliance monitoring. The company most recently announced that it had raised $135 million in series E funding and achieved a valuation of $1 billion.

The key difference between Kubescape and existing solutions is that the former is an open-source tool, which enables developers from the user community to provide their knowledge and expertise to enhance the solution over the long term.