ARMO
ARMO is the cloud-native and Kubernetes security company behind the leading open-source project Kubescape. ARMO Platform is a runtime-driven CNAPP that unifies Kubernetes Security Posture Management (KSPM), vulnerability and image scanning, compliance frameworks, network and seccomp policy generation, and runtime Cloud Application Detection and Response (CADR) - correlating runtime behavior with posture and vulnerabilities to cut alert noise. ARMO exposes a documented REST API over HTTPS (base https://api.armosec.io/api/v1 in the EU region and https://api.us.armosec.io/api/v1 in the US region), authenticated with an account access key sent in the X-API-KEY header. The API covers clusters, workloads, vulnerabilities, posture and compliance, security risks, runtime incidents, attack chains, network and runtime policies, registry scanning, and integrations. API access is available to platform customers who have generated an Agent Access Key; the endpoints below are documented but the data returned requires a connected account and clusters.
APIs
ARMO Vulnerabilities API
Query image and workload vulnerabilities discovered by ARMO. Issue scans for a workload or context, retrieve scan result summaries and details, severity roll-ups, top vulnerabil...
ARMO Posture and Compliance API
Kubernetes Security Posture Management (KSPM) results across compliance frameworks. Get per-framework scan summaries, control run results and framework sections, affected resour...
ARMO Clusters and Workloads API
Inventory of connected Kubernetes clusters and workloads. Retrieve the cluster list with history over time, list workloads with their vulnerability and posture context, and chec...
ARMO Runtime Incidents API
Runtime Cloud Application Detection and Response (CADR). List runtime incidents and their alerts, get an incident explanation, resolve or unresolve incidents, and get incidents ...
ARMO Security Risks and Attack Chains API
Prioritized, correlated security risks and attack chains. List security risks, the resources associated with them, and severity summaries, and retrieve attack chains that combin...
ARMO Network and Runtime Policies API
Generate and manage hardening policies from observed runtime behavior. Retrieve and generate Kubernetes network policies, generate and list seccomp profiles, and create runtime ...
ARMO Registry Scanning API
Scan container image registries on demand or on a schedule. Issue a registry scan or set a scan scheduler (cron), and update or delete the registry scan cron job.
ARMO Integrations API
Push ARMO findings into ticketing and collaboration tools. Configure Jira, look up projects, issue types, field schemas and values, create Jira issues from findings, and manage ...
ARMO Access Keys API
Programmatically manage the Agent Access Keys used to authenticate API calls. List, create, get by GUID, update, and delete access keys for your account.