Navigating ARMO Platform
ARMO Platform provides powerful visualization tools to gain insights into your Kubernetes environment’s security and risk posture. It helps contextualize misconfigurations and vulnerabilities inside your clusters and within your code and image repositories.
Identifying misconfigurations and vulnerabilities in your code and images before you deploy them into your environment reduces the number of potential attack vectors, even though we can identify them after they’ve been deployed.
Scan results are organized into information about your cluster and information about your code.
Cluster Information
- Security Risks - The default page when you open ARMO Platform. This provides a high-level view of your Kubernetes environment’s security.
- Threat Detection - Monitors and detects threats in real-time within Kubernetes environments using eBPF probes and Kubernetes context to identify anomalies and malicious behavior, ensuring security through detailed alerts.
- Attack Path - Presents and visualizes potential attack paths in Kubernetes environments, highlighting vulnerabilities or misconfigurations that allow attackers to access specific resources and navigate between them.
- Vulnerabilities - Shows the common vulnerabilities and exposures (CVE) identified on workloads inside your clusters.
- Compliance - Shows the results of your configuration scans and lists misconfigurations identified in your clusters. You can add clusters, drill-down for more information, and view suggested remediation steps.
- RBAC Visualizer - An interactive visualizer for your role-based access controls (RBAC) in your clusters. You can view Kubernetes roles, resources, role bindings, and relevant relationships in context.
- Network Policy - Defines and visualizes network policies in Kubernetes environments, offering detailed insights into how to control traffic flow between pods in a cluster, ensuring secure and efficient network management.
- Seccomp Profile - Defines and visualizes Seccomp profiles in Kubernetes environments, helping to enforce security policies by restricting system calls available to containers, thereby reducing the attack surface.
Code Information
- Repository Scanning - Shows misconfigurations found in your code repositories. You can add repositories, drill-down for more information, and view suggested remediation steps.
- Registry Scanning - Shows vulnerabilities found in your image repositories. You can add and scan an image registry and drill-down for more information.
Updated 5 months ago