Getting started

This guide starts when you are prompted to create an account and walks you through creating an account, scanning your cluster, interpreting the scan results, and provides next steps to explore.

Before you begin

You need access to a Kubernetes cluster that includes permissions to install. The cluster should also have Helm installed.

Create an account

  1. Navigate to cloud.armosec.io to create an account.

  2. Enter your email address and name, and then click Sign up.

After your account is created, you are prompted to connect to your Kubernetes cluster.

Scan a cluster

ARMO Platform provides a CLI command to deploy ARMO's helm chart. This command uses Helm.

  1. Copy and paste the command in the terminal connected to your cluster.

    ARMO is downloaded and deployed.

  2. Click Verify installation to test the connection between your cluster and ARMO Platform.

  3. If the connection is successful, Kubescape scans your cluster against the default frameworks and submits the scan results to ARMO Platform. If you encounter any errors during deployment, consult the Installation Troubleshooting page.

Your cluster is scanned for misconfigurations and vulnerabilities, the results are sent to ARMO Platform.

Interpret results

After your first successful scan, the Dashboard automatically opens with your cluster’s scan results. The Dashboard is the section in ARMO Platform where you can get a high-level overview of your Kubernetes environment’s security.

The Compliance score graph provides information about how compliant your cluster is with a particular framework over time. By default, certain frameworks are scanned against your environment.

You can choose which framework to view from the menu.

The Vulnerability Risk graph provides information about identified vulnerabilities in your clusters’ workloads over time and the top five common vulnerabilities and exposures (CVE) discovered.

View misconfigurations

Click a failed control in the Dashboard to view more information about the control, the clusters it’s failing on, and the resources that failed. When you choose a cluster, the Compliance section opens to the failed resources for the control in the selected cluster.

Some controls can be fixed, while others can be potentially ignored. If Fix is an option, ARMO Platform highlights the lines in your configuration files that include the identified misconfigurations.

View vulnerabilities

Click a CVE in the Dashboard to view more information, such as the workloads it was identified. The Vulnerabilities section opens with the CVE pre filled in the search bar.

Click the workload to view more information, such as what other vulnerabilities are found on the workload. Some CVEs can be fixed by installing updated software, while others require mitigation actions.

Check your RBAC

After you’ve scanned your first cluster, you can explore its role-based access controls (RBAC) in the RBAC Visualizer section. Open it using the sidebar.

📘

If you’ve scanned multiple clusters, you must choose on which cluster to examine the role-based access controls (RBAC).

Use the built-in queries to answer common RBAC questions.

You can also use the Who-can option to find out which accounts can do certain things.

Next steps

Now that you’ve explored a little of what ARMO Platform can offer, check out these topics to see what else we can do.