Startup Armo Ltd. said today it has closed on a $30 million early-stage round of funding to deliver what it believes is the first viable, open-source solution for Kubernetes security.
The Series A round was led by Tiger Global and Hyperwise Ventures and saw participation from existing investors including Pitango First and Peled Ventures.
Armo is the lead developer of Kubescape, an open-source security platform for Kubernetes. Kubernetes is software that’s used to manage the components of modern software applications. It has emerged as the de-facto operating system for cloud-native applications over the past few years, but according to Armo, security remains a big concern. The company says that though there are some open-source security offerings, most are extremely limited, complex to manage and monitor and require lots of effort.
Essentially this means Kubernetes users have no choice but to use proprietary, closed-source security solutions, which goes against the ethos of its open-source nature.
Armo is hoping to change that with a viable open-source offering that users can rely on to secure their Kubernetes environments fully. Kubescape works by scanning configuration files such as YAML and Helm, clusters and worker nodes for misconfigurations and known vulnerabilities from MITRE ATT&CK and other DevOps frameworks and vulnerability databases.
Then, it calculates risk scores and trends and provides suggestions for any fixes that need to be made. Kubescape also provides a module for overseeing role-based access controls that works by visualizing the connection of roles and privileges in different parts of a Kubernetes cluster. It can show how these controls fail. In effect, Kubescape provides a single pane of glass from which organizations can get an overview of the security of their Kubernetes environments.
Most important, the company notes, Kubescape is completely open-source, meaning Kubernetes users are no longer forced to rely on expensive, proprietary security tools. That said, Armo still intends to make money, which it does by selling a more advanced version of Kubescape with premium features.
“DevOps teams are responsible for the security of Kubernetes and they prefer to use an open source for it, but they also need the solution to be end-to-end and fit natively into their existing stack,” said Armo founder and Chief Executive Shauli Rozen. “Companies are being forced to choose: Either try to integrate several different open-source tools together or commit to a proprietary solution that you can’t adapt, access the code, influence the roadmap or contribute to.”
Armo said Kubescape has been well-received by the Kubernetes community, with tens of thousands of users and more than 2,500 of those using it as a cloud software-as-a-service.
Holger Mueller of Constellation Research Inc. said the security challenges around Kubernetes are exacerbated by the fact it’s an open-source platform. That’s why he likes new options for companies to secure their Kubernetes environments, all the more so if those options happen to be open source themselves.
“It’s good to see Armo addressing Kubernetes security with Kubescape, as there is both demand and value-add for enterprises that use Kubernetes to build their next-generation applications,” Mueller said. “As with all security offerings the proof will be in its track record. Kubescape is a relatively new offering, so enterprises may be interested to keep watching and see how Armo’s customers fare versus those using other Kubernetes security services.”
Armo said it will use the funds from today’s round to open additional offices and hire more developers to improve Kubescape’s capabilities. The company will also expand its product and marketing teams.