The Cloud Native Computing Foundation has officially accepted Kubescape as a sandbox project, according to The New Stack.
Kubescape is an open-source Kubernetes security platform that covers the full lifecycle of an application's development, including IDE, security, misconfiguration scanning, and compliance. Scanning starts at the very beginning of that lifecycle and continues into the deployment and cluster-management stages, and the platform also provides useful tools for DevOps teams such as software bill of materials (SBOM), signature scanning, and policy controls. Teams can use the platform to detect and address flaws and misconfigurations based on frameworks including MITRE ATT&CK, NSA-CISA, and the CIS Benchmark. Kubescape evaluates objects against a library of posture controls using Open Policy Agent and allows users to export results in various ways.
In addition, developer ARMO provides an extra layer of protection for Kubescape in the form of the ARMO Platform, which it describes as a "ready-made" security platform for Kubernetes for SaaS or on-premises deployments.