Shauli is an engineer turned executive, enjoying the Linux command-line while also building start-up ventures. Shauli is the CEO and Co-Founder of ARMO, the company behind the popular open-source K8s security project Kubescape. Shauli is passionate about building tools and products for the development and DevOps community and a frequent speaker in DevOps, SecOps and Cloud Native conferences.
What have we learned from scanning over 10K unique clusters with Kubescape?
Kubescape is a K8s open-source tool providing a multi-cloud K8s single pane of glass, including risk analysis, security compliance, RBAC visualizer, and image vulnerabilities scanning. Kubescape scans K8s clusters, YAML files, and HELM charts, detecting misconfigurations according to multiple frameworks (such as the NSA-CISA, MITRE ATT&CK®), software vulnerabilities, and RBAC (role-based-access-control) violations at early stages of the CI/CD pipeline, calculates risk score instantly and shows risk trends over time. In the last 6 months, we have scanned over 10K unique clusters and learned a great deal about the state of Kubernetes risk, compliance, and vulnerability. In this session, Shauli Rozen, ARMO CEO & Co-Founder, will share interesting insight on why and where Kubernetes deployments are failing, weak spots, and how to get better. He will reveal interesting statistics on K8s cluster risk score and trends, which controls usually fail, and what kind of vulnerabilities everyone has in their clusters.