Kubescape

No Change
assess
First Added:May 27, 2026 Updated: July 2, 2026

Kubescape is a tool we assess in the garden.

Blurb

Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernet…

Summary

Modes: CLI scans on manifests; in-cluster operator; CI hooks for Pull Request checks on changed YAML.

When to use: need a single CLI for posture reporting across many clusters; evaluating ARMO’s control catalog without buying a full CNAPP yet.

When to skip: already standardized on another CNAPP or admission policy stack (Policy as Code, OPA Gatekeeper) with overlapping coverage.