"Version 4.0 of the open source Kubernetes security platform Kubescape has been released, bringing runtime threat detection and a new set of AI-era security features. This is the first time the project has targeted the security of AI agents themselves, alongside its established scanning capabilities."
"Kubescape is an open-source Kubernetes security platform, maintained as a CNCF incubating project. It scans clusters, Helm charts, YAML manifests, and CI/CD pipelines for misconfigurations, vulnerabilities, and RBAC violations."
"The Runtime Threat Detection engine relies on detection rules that work directly against Kubescape's Application Profiles. The engine monitors processes, Linux capabilities, system calls, network and HTTP events, and file system activity."
"Kubescape Storage has also reached GA in this release. It uses the Kubernetes Aggregated API to store security metadata such as Application Profiles, SBOMs, and vulnerability manifests in a dedicated layer."
Kubescape 4.0 has been released, featuring runtime threat detection and new AI security features. This version targets the security of AI agents and enhances existing scanning capabilities. The Runtime Threat Detection and Kubescape Storage have reached general availability. The platform scans for misconfigurations, vulnerabilities, and RBAC violations, significantly reducing CVE noise. The detection engine monitors various system activities and integrates with tools like VSCode and GitHub Actions. Kubescape Storage uses the Kubernetes Aggregated API to manage security metadata, ensuring data is stored separately from the standard etcd instance.
Read at InfoQ
Unable to calculate read time
Collection
[
|
...
]