Kubescape
Kubescape is an open-source (Apache 2.0) Kubernetes security platform and CNCF incubating project, originally contributed by ARMO. It provides risk analysis, security and compliance posture scanning, misconfiguration detection, image and runtime vulnerability scanning, and eBPF-based runtime threat detection across the IDE, CI/CD pipelines, and live clusters. The core Kubescape is a CLI and an in-cluster Operator whose components expose OpenAPI/Swagger-documented HTTP APIs in-cluster (there is no single hosted public REST endpoint for the open-source tool). ARMO Platform is the commercial multi-cluster, multi-cloud SaaS built on Kubescape and exposes a documented hosted Customer API (base https://api.armosec.io) for posture, compliance, vulnerabilities, runtime incidents, attack paths, network policies, and registry/repository scanning, authenticated with an X-API-KEY access key.
APIs
Kubescape Posture & Compliance API
Retrieve compliance posture across NSA-CISA, MITRE ATT&CK, CIS, and other frameworks - framework scan summaries, per-control run results, framework subsections, and the affected...
Kubescape Vulnerabilities API
Initiate image vulnerability scans and read results - scan summaries and detailed CVE listings, severity metrics, top and over-time vulnerability trends, and scoped views by vul...
Kubescape Runtime Security API
Read and triage eBPF-based runtime threat detection output - list runtime incidents and their alerts, group incidents by severity, request incident explanations, resolve or unre...
Kubescape Network Policies API
Generate and retrieve least-privilege Kubernetes NetworkPolicies and seccomp profiles derived from observed application behavior (the Bill of Behavior), for hardening workloads ...
Kubescape Registry & Repository Scanning API
Schedule and manage container-registry scans (ECR, GAR, ACR, Harbor, Quay, Nexus, GitLab) and read Git repository posture - failed controls, scanned files, repositories, and aff...
Kubescape Access Keys API
Create, list, retrieve, and revoke the Agent Access Keys used to authenticate ARMO Platform Customer API requests via the X-API-KEY header, plus manage posture and vulnerability...
Kubescape In-Cluster Component API (Open Source)
The open-source Kubescape Operator's in-cluster components (storage, kubevuln, gateway, operator, node-agent) each expose an OpenAPI/Swagger-documented HTTP API reachable inside...