Best IT Security Software for Kubernetes - Page 7

Compare the Top IT Security Software that integrates with Kubernetes as of December 2025 - Page 7

This is a list of IT Security software that integrates with Kubernetes.

  • 1
    Opal

    Opal

    Opal is a security platform that enables organizations to scale least privilege, creating new ways for teams to work smarter. We believe access should be decentralized, self-service, and integrated with the technologies your team already uses. Remove bottlenecks. Delegate access requests to those who have the most context. More context = faster and better decisions. Intelligent automation. Let Opal handle it all, giving access when it matters most, sending automatic reminders, and removing access when no longer needed. Transparency matters. Be on the same page about who approves access, who has access to what, the status of requests, and more. Skip the game of telephone! Companies give out far too much access. Access is granted in a way that is overly coarse and often for an indefinite amount of time. Most companies have painfully manual and inconsistent ways of granting just-in-time access.
  • 2
    Argon

    ArgonSec

    The first unified security solution protecting the integrity of your software throughout the entire DevOps CI/CD pipeline. Track all events and actions across your software supply chain with unparalleled clarity, get actionable information and make decisions faster. Bolster your security posture by enforcing security best practices at all stages of the software delivery process with real-time alerts and auto-remediation. Ensure source code integrity with automated validity checks on each release, so you can be sure the code you committed is the source code deployed. Argon continuously monitors your DevOps infrastructure to identify security risks, code leaks, misconfigurations, and anomalies, and provides insights about the posture of your CI/CD pipeline.
  • 3
    Isovalent

    Isovalent

    Isovalent Cilium Enterprise enables cloud-native networking, security, and observability. Your cloud-native infrastructure, powered by eBPF. Connect, secure, and observe cloud-native applications in multi-cluster, multi-cloud environments. A highly scalable CNI and a multi-cluster networking solution that offers high-performance load balancing, advanced network policy management, etc. Shifting security to a process behavior instead of packet header enabling. Open source is at the core of Isovalent. We think, innovate, and breathe open source and are fully committed to the principles and values of open source communities. Request a personalized live demo with an Isovalent Cilium Enterprise expert. Engage with the Isovalent sales team to assess an enterprise-grade deployment of Cilium. Step through our interactive labs in a sandbox environment. Advanced application monitoring. Runtime security, transparent encryption, compliance monitoring, and CI/CD & GitOps integration.
  • 4
    SeaCat

    TeskaLabs

    Cyber-security and data privacy platform for mobile and IoT applications. Build and operate the app free from any cyber-security incident. SeaCat is a cyber-security platform created by experts, and it features all cyber-security and data privacy must-haves. SeaCat deployment is smooth and hassle-free. SeaCat improves your security level instantly, with no need for custom development. Cyber-security should not come at the cost of the user experience. SeaCat requires no pesky configurations or procedures on the part of the user; SeaCat employs all modern cyber-security features, such as biometrical authorization and hardware security modules. SeaCat cyber-security platform consists of a SeaCat SDK that is to be added to a mobile or IoT application, the SeaCat Gateway that is to be installed into the demilitarized zone (DMZ) in front of the application backend servers, and SeaCat PKI that is a service that provides enrolment, access, and identity management.
  • 5
    Worldr

    Worldr

    Worldr defends the data you share in Microsoft Teams from external breaches while prohibiting outside organizations from exploiting your most sensitive digital assets. It can be utilized in any environment, whether that be cloud based or on-premise; our lightweight architecture can be deployed in minutes for any size organization. Ensure full ownership of data so no one, not even Microsoft, can access it. Messages, user details, and metadata are stored in a database protected by a transparent data encryption layer while encryption keys are stored in Hashicorp Vault. Store your data anywhere in the world based on compliance, legal or regulatory requirements. Adhere to sector specific data transfer and processing regulations and meet mandates enforced by various countries to ensure data sovereignty.
  • 6
    Gem

    Gem Security

    Empower your security operations teams with built-in expertise and automatic response capabilities fit for the cloud era. Gem delivers a centralized approach to tackle cloud threats, from incident response readiness, through out-of-the-box threat detection, investigation and response in real-time (Cloud TDIR). Traditional detection and response tools aren’t built for the cloud, leaving organizations blind to attacks and security operations teams unable to respond at the speed of cloud. Continuous real-time visibility for daily operations and incident response. Complete threat detection coverage for MITRE ATT&CK cloud. Understand what you need, quickly fix visibility gaps, and save costs over traditional solutions. Respond with automated investigative steps and built-in incident response know-how. Visualize incidents and automatically fuse context from the cloud ecosystem.
  • 7
    Procyon

    Procyon

    Get frictionless, secure access to cloud infrastructure. Get passwordless access to major cloud platforms and thousands of cloud resources. We work seamlessly with AWS, GCP, Azure, and other cloud-native tools. Stop overprivileged access with just-in-time access for developers. DevOps users can request access to cloud resources with ‘just enough privileges’ to get timebound access to resources. Eliminate productivity bottlenecks of a centralized administrator. Configure approval policies based on a variety of factors. View a catalog of granted and unaccessed resources. Stop credential sprawl and worrying about credential theft. Developers can get passwordless access to cloud resources using Trusted Platform Module (TPM) based technology. Discover potential vulnerabilities now with our free assessment tool and understand how Procyon can help solve the problem in a matter of hours. Leverage TPM to strongly identify users and devices.
  • 8
    Skyhigh Cloud-Native Application Protection Platform
    Enable the development and deployment of your cloud-native applications while identifying hidden risks caused by misconfigurations, threats, and vulnerabilities, all from a single platform. Skyhigh Cloud-Native Application Protection Platform (CNAPP) secures your enterprise cloud-native application ecosystem using the industry’s first comprehensive, automated, and frictionless platform. Comprehensive discovery and risk-based prioritization. Shift Left to detect and correct misconfigurations. Achieve continuous visibility into multi-cloud environments, automated misconfiguration remediation, access a best practice compliance library, and identify configuration issues before they cause a significant impact. Automate security controls for continuous compliance and audit. Centralize data security policy management and incidents management, maintain records for compliance and notification, manage privileged access to protect sensitive data.
  • 9
    Authorizer

    Authorizer

    Build secure apps 10x faster. Low code tool and low cost deployment. Own your user data in your preferred database. Authenticate users with multiple auth recipes. Authorize users based on your business roles. OAuth2 and OpenID compatible APIs. Authentication and authorization have never been this simple before. Deploy production-ready Authorizer instance using one-click deployment options available. Open Authorizer instance endpoint in the browser. Sign up as an admin with a secure password. Configure environment variables from the dashboard. Authorizer object can be instantiated with JSON object. You can use Authorizer off the shelf and provide an amazing digital experience in just 3 minutes. We would rather have you focused on your core business and build stuff that matters. Auth with best services baked in. Secure Session management implemented with HTTP-only cookies. Authorization Code flow implemented for mobile-based auth.
  • 10
    Silk Security

    Silk Security

    Cut through the findings flood, holistically understand risk, automate prioritization, and collaborate on fix remediation — all in one platform. Adoption of cloud, hybrid, and cloud-native applications generates more complexity and scale issues that legacy approaches can't begin to address. Without enough environmental context, security teams struggle to measure and prioritize the risk associated with findings. Duplicate alerts from multiple tools compound the challenge for security teams to prioritize and assign remediation ownership. 60% of the breaches that occur are due to a security alert that the organization knew about, but struggled to map stakeholder responsibility for the fix. Map stakeholder responsibility, enable self-service remediation with actionable recommendations, and facilitate bidirectional collaboration through integration into existing tools and workflows.
  • 11
    Maverix

    Maverix

    Maverix blends itself into the existing DevOps process, brings all required integrations with software engineering and application security tools, and manages the application security testing process end to end. AI-based automation for security issues management including detection, grouping, prioritization, filtration, synchronization, control of fixes, and support of mitigation rules. Best-in-class DevSecOps data warehouse for full visibility into application security improvements over time and team efficiency. Security issues can be easily tracked, triaged, and prioritized – all from a single user interface for the security team, with integrations to third-party products. Gain full visibility into application production readiness and application security improvements over time.
  • 12
    Vali Cyber

    Vali Cyber

    We understand that you are being asked to defend against a relentlessly growing threat landscape while being constrained by staff and budget. Vali Cyber is here to help. Harden your environment using lockdown rules to reduce attack surface to prevent attacks, secure Linux endpoints, and take control with multi-factor authentication (MFA) for SSH, even in disconnected environments, to support a zero-trust environment. Detect and stop malware at machine speed with AI/ML-based behavioral threat detection effective against ransomware, cryptojacking, and wiperware, including unknown and fileless variants with the same efficacy everywhere—cloud-enhanced, not cloud-dependent. Ensure uptime using fully automated remediation that runs in milliseconds to undo damage to the file system and remove attempts to persist files for future attacks.
  • 13
    Blink

    Blink Ops

    Blink is an ROI force multiplier for security teams and business leaders looking to quickly and easily secure a wide variety of use cases. Get full visibility and coverage of alerts across your organization and security stack. Utilize automated flows to reduce noise and false positives in alerts. Scan for attacks and proactively identify insider threats and vulnerabilities. Create automated workflows that add relevant context, streamline communications, and reduce MTTR. Take action on alerts and improve your cloud security posture with no-code automation and generative AI. Shift-left access requests, streamline approvals flows, and unblock developers while keeping your applications secure. Continuously monitor your application for SOC2, ISO, GDPR, or other compliance checks and enforce controls.
  • 14
    Sweet

    Sweet

    We use pivotal runtime insights to cut through cloud security's noise and focus on the risks that matter. In the real world, attackers are opportunistically paving their way through your cloud infrastructure while runtime risks are on the rise. Get your “boots on the cloud” with Sweet’s patent-pending, eBPF-based sensor to establish your organizational baseline for what’s normal. Receive critical runtime insights that augment operations across the entire cloud security stack. Sweet’s dynamic profiling finds runtime anomalies, allowing you to address live cloud risks. eBPF-based sensor serves deep, real-time insights, without performance or cost drawbacks. Find zero-day cloud attacks in real-time, get actionable attack stories, and minimal noise. Sweet’s approach elevates the ability of security teams to shut down cloud attacks when they occur, where they occur, with maximum precision and minimal business disruption.
  • 15
    SecHard

    SecHard

    SecHard is a multi-module software for implementing zero-trust architecture. SecHard provides automated security hardening auditing, scoring, and remediation for servers, clients, network devices, applications, databases, and more. A powerful identity and access management software to get compliant with zero trust and to prevent attacks like privilege abuse, ransomware, and more. SecHard solves the risk awareness problem in asset management. Automated discovery, access, identification, and remediation features provide ultra-wide visibility for all regulations. With the passive scanning method, SecHard operates the vulnerability detection and management processes for all IT assets without creating any risks. SecHard auto-discovers the certificates in the company’s environment, reports the expiration dates of these certificates, and can automatically renew some of these certificates through well-known certificate authorities.
  • 16
    Averlon

    Averlon

    Among millions of vulnerabilities in the cloud, only a small subset paves the way for real-world attacks. Identifying this select subset is key to securing the cloud. Even the most dedicated teams reach their limit. The presence of a vulnerability on an externally exposed asset or in the KEV database does not automatically make it critical. Seamlessly onboard your cloud environment, and within moments, get a clear picture of your security landscape. Thanks to our attack chain analysis, you'll instantly know where to direct your attention. Averlon makes a deep graph analysis of your cloud across assets, network connections, access policies, and issues. Focus on assets and issues that present the most risk. Averlon continuously monitors your cloud and identifies potential real-world attacks. Averlon accelerates the mean-time-to-remediate by reducing alerts into root causes and suggesting precise fixes.
  • 17
    SecureFlag

    SecureFlag

    SecureFlag’s hands-on training in real development environments offers a tailored approach to enterprise training needs. 45+ technologies supported and over 150 vulnerability types covered. Each comprises a fully configured development environment. With more than 70% of vulnerabilities introduced during development, writing secure software is more critical than ever. SecureFlag has revolutionized the approach to secure coding training. With SecureFlag’s hands-on labs, participants learn in virtualized environments using the tools they know and love. SecureFlag’s Labs teaches participants how to identify and remediate the most prevalent security issues by doing instead of simply just seeing. Labs run in real, virtualized development environments, and participants learn using the same tools they use at work. Engage with your organization’s developer community and promote learning through enjoyable competition.
  • 18
    Operant

    Operant AI

    Operant AI shields every layer of modern applications, from Infra to APIs. Within minutes of a single-step deployment, Operant provides full-stack security visibility and runtime controls, blocking a wide range of common and critical attacks including data exfiltration, data poisoning, zero day vulns, lateral movement, cryptomining, prompt injection, and more. All with zero instrumentation, zero drift, and zero friction between Dev, Sec, and Ops. Operant's in-line runtime protection of all data-in-use, across every interaction from infra to APIs, brings a new level of defense to your cloud-native apps with zero instrumentation, zero application code changes and zero integrations.
  • 19
    Upwind

    Upwind Security

    Run faster and more securely with Upwind’s next-generation cloud security platform. Combine the power of CSPM and vulnerability scanning with runtime detection & response — enabling your security team to prioritize and respond to your most critical risks. Upwind is the next-generation cloud security platform that helps you simplify and solve cloud security’s biggest challenges. Leverage real-time data to understand real risks and prioritize what should be fixed first. Empower Dev, Sec & Ops with dynamic, real-time data to increase efficiency and accelerate time to response. Stay ahead of emerging threats & stop cloud-based attacks with Upwind's dynamic, behavior-based CDR.
  • 20
    Edera

    Edera

    Introducing secure-by-design AI and Kubernetes no matter where you run your infrastructure. Eliminate container escapes and put a security boundary around Kubernetes workloads. Simplify running AI/ML workloads through enhanced GPU device virtualization, driver isolation, and vGPUs. Edera Krata begins a new paradigm of isolation technology, ushering in a new era of security. Edera brings a new era of AI & GPU security and performance, while also integrating seamlessly with Kubernetes. Each container receives its own Linux kernel, eliminating a shared kernel state between containers. Which means goodbye container escapes, costly security tool layering, and long days doom scrolling logs. Run Edera Protect with just a couple lines of YAML and you’re off to the races. It’s written in Rust for enhanced memory safety and has no performance impact. A secure-by-design Kubernetes solution that stops attackers in their tracks.
  • 21
    Apono

    Apono

    Use the Apono cloud-native access governance platform to work faster and more securely with self-service, secure, scalable access built for modern enterprises running in the cloud. Discover who has access to what with context. Identify access risk leveraging enriched identity and cloud resource context from the environment. Enforce access guardrails at scale. Apono automatically suggests dynamic policies that fit your business needs, streamlining the cloud access lifecycle and gaining control of cloud-privileged access. Improve your environment access controls with Apono’s AI, which detects high-risk unused, over provisioned and shadow access. Remove standing access and prevent lateral movement in your cloud environment. Organizations can enforce strict authentication, authorization, and audit controls for these high-level accounts, reducing the risk of insider threats, data breaches, and unauthorized access.
  • 22
    RAD Security

    RAD Security

    RAD Security automates threat investigations, cuts through security noise, and helps teams secure smarter and defend faster. Powered by AI-driven digital workers, RAD Security is on a mission to make security make sense. RAD's holistic security platform goes beyond static alerts to correlate signals, prioritize threats, and deliver accurate, actionable insights. From continuous cloud monitoring to automated compliance readiness, RAD enables lean security teams to operate at enterprise scale. With RAD, security teams spend less time chasing false positives and more time solving real security issues. See RAD in action at radsecurity.ai.
  • 23
    Prevasio

    AlgoSec

    Prevasio is an AI-driven cloud security platform that offers comprehensive visibility, automatic threat detection, and robust protection for cloud applications. It automatically discovers and maps cloud infrastructure, identifying resources and revealing how they power applications, providing unparalleled visibility and actionable insights. Prevasio's agentless Cloud-Native Application Protection Platform (CNAPP) spans the entire CI/CD pipeline to runtime, ensuring streamlined and efficient security management. It prioritizes risks based on their impact on business applications and severity, helping organizations focus on critical vulnerabilities. The platform also simplifies cloud compliance by continuously monitoring cloud assets, ensuring adherence to industry standards and regulations. Prevasio's Infrastructure-as-Code (IaC) scanning detects vulnerabilities early in the development cycle, securing cloud infrastructure before it's built.
  • 24
    Orchid Security

    Orchid Security

    Orchid Security utilizes a passive listening service to continuously discover self-hosted applications (those that you manage/maintain) and SaaS applications (developed and maintained by others), providing you with a comprehensive inventory of your enterprise applications, along with their key identity characteristics (e.g. MFA enforcement, rogue or orphaned accounts, RBAC privilege data). Orchid Security leverages advanced AI analytics to automatically assess the identity technologies, protocols, and native authentication/authorization flows for each application. Identity controls are compared against privacy regulations, cyber security frameworks, and identity best practices (e.g. PCI DSS, HIPAA, SOX, GDPR, CMMC, NIST CSF, ISO 27001, SOC2) to detect potential exposure in cyber security posture and compliance coverage. Orchid Security goes beyond providing visibility into weaknesses, to enable organizations with quick and effective remediation of those weaknesses without recoding.
  • 25
    Token Security

    Token Security

    Token Security accelerates secure enterprise adoption of Agentic AI by discovering, managing, and governing every AI agent and non-human identity across the organization. From continuous visibility to least-privilege enforcement and lifecycle management, Token Security provides complete control over AI and machine identities, eliminating blind spots, reducing risk, and ensuring compliance at scale.
  • 26
    ZEST Security

    ZEST Security

    ZEST Security offers an AI-powered risk resolution platform that redefines cloud risk remediation for security teams. Unlike traditional security solutions that merely identify vulnerabilities, ZEST proactively resolves them by connecting the right team to the right fix, thereby reducing the time from discovery to remediation. The platform provides full remediation coverage by comparing the planned DevOps state with the actual cloud runtime state, enabling seamless identification and remediation of risks across both managed and unmanaged cloud infrastructure. Automated root cause analysis pinpoints the origin of issues down to the associated asset and originating lines of code, allowing teams to address multiple problems with minimal changes. AI-generated risk resolution paths drastically reduce mean time to remediation and eliminate manual triage by implementing dynamic remediation strategies.
  • 27
    Mammoth Enterprise Browser
    Mammoth Cyber's Enterprise Browser is a Chromium-based solution designed to enhance secure remote access by integrating a policy engine directly within the browser. It offers organizations visibility and control over user interactions with internal applications, public cloud services, and SaaS platforms. By enforcing conditional access and implementing least privilege principles, the browser ensures that users access only the resources necessary for their roles, thereby reducing the risk of data breaches. Detailed audit logs of user activities support compliance and security monitoring. The Enterprise Browser integrates seamlessly with identity providers like Okta and Azure AD, automating role-based permissions and streamlining user onboarding. Its familiar interface minimizes the learning curve, promoting user adoption. Additionally, the browser facilitates secure developer access by supporting SSH, RDP, Git, Kubernetes, and database connections directly.
  • 28
    Defakto

    Defakto

    Defakto secures every automated interaction by issuing short-lived, verifiable identities to non-human actors such as services, pipelines, AI agents, and machines, eliminating static credentials, API keys, and standing privileges. Their unified non-human identity and access management solution enables discovery of unmanaged identities across cloud, on-premises, and hybrid environments, issuance of dynamic identities at runtime tied to policy, enforcement of least-privilege access, and full audit-ready logging. The product consists of modules: Ledger for continuous discovery and governance of non-human identities; Mint for automated issuance of purpose-bound, ephemeral identities; Ship for secretless CI/CD workflows where hard-coded credentials are removed; Trim for automatic right-sizing of access and removal of over-privileged service accounts; and Mind for securing AI agents and large-language models with the same identity model used for workloads.
  • 29
    Keycard

    Keycard

    Keycard is an identity-and-access infrastructure platform built for the agent-native era, enabling developers and enterprises to securely connect AI agents, users, services, and APIs with real-time, policy-driven identity controls. It issues dynamic, ephemeral access tokens in place of static secrets and supports federated identity models to unify users, agents, and workloads under a distributed authorization framework. The platform provides drop-in SDKs for popular frameworks so developers can build agent-aware applications without becoming IAM experts. Keycard’s data model includes identity-attested agents, tasks, tools, and resources, allowing logical zones with context-aware permissions and auditability. On the policy side, security teams can define deterministic, task-based rules that enforce who (user/agent) can do what (task) on which resource under which conditions, all with full transparency.
  • 30
    Mondoo

    Mondoo

    Mondoo is a unified security and compliance platform designed to drastically reduce business-critical vulnerabilities by combining full-stack asset visibility, risk prioritization, and agentic remediation. It builds a complete inventory of every asset, cloud, on-premises, SaaS, endpoints, network devices, and developer pipelines, and continuously assesses configurations, exposures, and interdependencies. It then applies business context (such as asset criticality, exploitability, and policy deviation) to score and highlight the most urgent risks. Users can choose guided remediation (pre-tested code snippets and playbooks) or autonomous remediation via orchestration pipelines, with tracking, ticket creation, and verification built in. Mondoo supports ingestion of third-party findings, integrates with DevSecOps toolchains (CI/CD, IaC, container registries), and includes 300+ compliance frameworks and benchmark templates.