Cloud Native Rejekts EU (Valencia) 2022

Shauli Rozen

Shauli is an engineer turned executive, enjoying the Linux command-line while also building start-up ventures. Shauli is the CEO and Co-Founder of ARMO, the company behind the popular open-source K8s security project Kubescape. Shauli is passionate about building tools and products for the development and DevOps community and is a frequent speaker at DevOps, SecOps and Cloud Native conferences.


What have we learned from scanning over 10K unique clusters with Kubescape?
Shauli Rozen

Kubescape is a K8s open-source tool providing a multi-cloud K8s single pane of glass, including risk analysis, security compliance, an RBAC visualizer, and image vulnerability scanning. Kubescape scans K8s clusters, YAML files, and Helm charts, detecting misconfigurations according to multiple frameworks (such as NSA-CISA and MITRE ATT&CK®), software vulnerabilities, and RBAC (role-based access control) violations at early stages of the CI/CD pipeline. It calculates a risk score instantly and shows risk trends over time. In the last 6 months, we have scanned over 10K unique clusters and learned a great deal about the state of Kubernetes risk, compliance, and vulnerability. In this session, Shauli Rozen, ARMO CEO & Co-Founder, will share interesting insights on why and where Kubernetes deployments are failing, where the weak spots are, and how to get better. He will reveal interesting statistics on K8s cluster risk scores and trends, which controls usually fail, and what kind of vulnerabilities everyone has in their clusters.