Recent years have seen a substantial shift in the number of companies moving to cloud-based computing – storing all their applications and data in a private virtual drive that can (with the right permissions) be accessed from anywhere at any time.
Software stored in the cloud is placed into virtual folders known as “containers,” which can be scaled up or down according to need.
And just like Microsoft’s Windows became the default operating system for computers back in the 1980s, the rise in cloud-based computing has seen the advent of the Google-created Kubernetes (known in the industry as K8S – a shorthand named for the first and last letters of the word and eight letters in between them) as its standard OS.
But the storage of sensitive data on the cloud means companies must set in place measures designed to protect their applications from cyber attacks, as well as rooting out any internal risks or human error that can disrupt the smooth running of the software.
This is where Israeli cybersecurity company Armo comes in, providing software developers a way to protect their cloud platforms from start to finish.
“A container, by design, is something that changes all the time,” Armo’s VP Marketing and Business Development Jonathan Kaftzan tells NoCamels.
“When you have a lot of these containers that are running in parallel, there is a need to have a platform that will manage and orchestrate the whole thing,” he says.
“And this is why Google created Kubernetes, and Kubernetes became very, very popular. It’s one of the most popular open-source projects ever.”
Today, he says, any organization that wants to work, develop and manage and operate in the cloud, uses Kubernetes. But because the open-source project is designed to be very flexible, it comes with certain data protection issues.
“When you want something to be agile and fast,” Kaftzan explains, “security is always the other side of the coin.”
This led the Tel Aviv-based Armo two years ago to create Kubescape, its own open-source security platform for Kubernetes that developers can adapt to their own needs.
It uses official security recommendations, such as those produced by the US National Security Agency, as guidelines for its technology, and constantly updates the framework to match the perennially changing environment.
“These recommendations are translated into controls in our system,” Kaftzan says. “We have more than 250 different types of control that are Kubernetes specific.”
Kubescape is downloaded by a company and integrated into their Kubernetes platform, allowing businesses to inspect every element of the cloud for potential problems.
“It can scan the environment and give you a snapshot of what you have, what are the issues and what needs to be fixed,” Kaftzan says.
It is designed to be integrated as early as possible into what he calls “the development pipeline,” in order to catch any issues before they spiral into more serious problems, although it does also provide ongoing support.
“If you fix things in the beginning, it’s much cheaper, much faster, much easier to do,” Kaftzan explains.
He highlights misconfiguration as one of the most common missteps in cloud programming, pointing out that some Kubernetes default settings are not always suitable for the needs of individual companies – and this can leave a company exposed to potential security breaches.
“Most of the problems in security in general, but especially in the cloud, are because things are not configured the right way,” he says.
“By 2025, 99 percent of the security incidents in cloud environments, including Kubernetes, will be a result of human misconfiguration.”
The company started off with investment from the Israel Innovation Authority and some private investors. Then in 2022, Armo raised $30 million in its Series A funding round, led by US investment firm Tiger Global. The first release of Kubescape came in that same year.
According to Kaftzan, the platform became almost an overnight hit.
Today it has hundreds of thousands of users, and, just as Google did with Kubernetes, the company has donated the platform to the Cloud Native Computing Foundation (CNCF), a body set up in 2015 to help integrate container technology into the tech sector.
Armo has now produced an enterprise edition of Kubescape called Armo Platform, which can work with multiple clouds and their internal elements. And in the months since its introduction, it already has dozens of paying customers around the world.
Kaftzan believes that Kubernetes will face increasing security challenges in the future, and that Armo is the answer:
“We want to be the one-stop shop for all your security needs.”