I recently started using ARMO, ( which uses Kubescape), it is very simple to get started and covers various compliance needs, besides I like the attack paths, CVE etc. Compared to other products in the market, it is priced reasonably and works very well with any cloud provider. You need ARMO if you have set Kubernetes cluster on the cloud, to verify the configurations, remove various security issues, and identify various compliance violations. Once these are fixed, it is easy for SOC2 or other compliance. ARMO also has a remediation option against each issue, which is kind of nice, and helps to pinpoint what additional controls to add to the YAML files.

The automation features of ARMO Platform stand out as remarkable capabilities. The Platform performs its tasks by reducing hand labor which frees up at least one day of work during each week. The main benefit of the ARMO Platform lies in its capability to integrate with our existing tools. Automation capabilities founded in the ARMO Platform represent an outstanding feature through its capability to gather data from different sources then present it in one unified dashboard. This single feature allows our team to save three hours of reporting work each week.

The platform is ituitive and the most importantly guide you to the solution of the issues highlighted. It was easy to integrate with my existing clusters