Welcome to ARMO Platform

ARMO Platform is a runtime-powered, Kubernetes-driven, Cloud Security Platform. It uses eBPF to record application behavior. This recorded baseline is then enriched with relevant context from Kubernetes events, CI/CD data, cloud data and containers’ data resulting in an Application Profile DNA (APD™). The APD™ is the holistic baseline for applications’ normal behavior, configuration, and policies - our source of truth.

ARMO Platform leverages the APD to provide contextual input to its posture management and hardening capabilities. It highlights the most important security issues that need to be addressed today, while reducing alert fatigue associated with false positives. In addition, ARMO Platform provides cloud detect and response capabilities, against runtime threats.

ARMO Platform protects any type of cloud and Kubernetes deployments: managed, on-premises, and air-gapped.

To sign up for ARMO Platform, sign up for an ARMO Platform account. The signup process guides you through connecting your cluster to ARMO Platform and your first scan.

How ARMO Platform works

ARMO Platform uses the open source project Kubescape* as an engine that provides the data, which in turn is enriched to provide actionable security insights. It also uses the major CSPs' APIs to extract additional contextual information, such as resources, configuration, etc.

*ARMO is the creator of Kubescape, a CNCF Sandbox project, and continues to contribute to it as core maintainers.

Architecture

For more information about Kubescape, view the Kubescape architecture documentation.

Communication

ARMO Platform ,the Kubescape microservice and, the CSPM microservice communicate using gateways over HTTPS.

All data is sent over HTTPS to an endpoint on the ARMO Platform.

Data retention

Scan data sent to the ARMO Platform is saved for one month for a free user and three months for a paid user before being deleted.