KTrust, a Tel Aviv-based security startup, is taking a different approach to Kubernetes security from many of its competitors in the space. Instead of only scanning Kubernetes clusters and their configurations for known vulnerabilities, KTrust is taking a more approach that is proactive. It deploys an system that is automated tries to hack into the system. This allows security teams to focus on real-world attack paths and not just long lists of potential security vulnerabilities. As such, KTrust is essentially a team that is read a box — though analysis company Gartner would rather phone it Continous Threat visibility Management (CTEM).

Ktrust is taken from stealth these days and announcing a $5.4 million seed financing round led by AWZ Ventures.

As The leadership team is coming in with considerable experience with so many Israeli security companies. CEO Nadav Toledo was previously a colonel in the Israeli Defense Forces’ 8200 intelligence unit, where he spent 25 years before starting KTrust. CTO Nadav Aharon-Nov previously was the CTO at cyber intelligence and defense company R-MOR, while COO Sigalit Shavit was previously the CIO that is global of exchanged CyberArk. CBO Snit Mazilik suits this combined group with extensive business experience, including as the CEO of Shanghai-based fashion wholesaler Must Garment Group and as a managing partner at real estate investment firm NOI Ventures. That’s an eclectic group of founders, but as Toledo told me, “everybody brings a different perspective to the board and it’s the very team that is best.”

As an organization, Toledo, Aharon-Nov and Mazilik began brainstorming various tips for a security startup. The group arrived on Kubernetes, which can be certainly not a shock, considering that it’s nevertheless a ecosystem that is fast-growing many traditional enterprises are only now starting to embrace.

Image Credits: KTrust

“Kubernetes is very complex and it’s very dynamic. We went to organizations and talked to the DevOps teams and CISOs […] We saw the DevOps teams were struggling — and we also saw the DevSecOps teams struggling them to also be Kubernetes experts — configuring Kubernetes — and on the other hand, be security experts,” Toledo told me.

The team noted that most Kubernetes security solutions took what he called a “passive scanner approach” that focuses on doing static code analysis because they want. But that total results in lots of alerts and somebody then has to turn these into a work plan. The idea behind KTrust is to take a very different approach by using an automated red team algorithm that proactively explores attack paths to identify exposures in a system that is kubernetes-based. KTrust takes a customer’s Kubernetes infrastructure configurations then duplicates all of them in a sandbox that is secure its algorithms can attack it.Image Credits:


The algorithm then mimics attackers that are real. “By doing this, we discover real assault routes to take advantage of and you also don’t get a summary of a huge selection of things that aren’t linked. We reveal the DevSecOps the validated exploits — plus it’s true validation since it had been a proper attack,” Toledo explained. He noted that after using the services of a client that is recent the passive scanner discovered more than 500 vulnerabilities, but using KTrust’s agent-based system, the team was able to whittle this down to only about a dozen actual attack paths.

Using KTrust, security teams can see exactly how then the algorithm attacked the device. The service can provide users with recommendations for manual mitigation and in many cases, it can also automate these steps.

It’s as for mitigation worth noting that the company employs a group of security specialists dedicated to novel that is uncovering vectors. The group has recently posted lots of CVEs (Common weaknesses and Exposures) for Kubernetes and Argo CD.

“Our financial investment in KTrust indicates our self-confidence inside their unique Kubernetes security option, fulfilling a market demand that is critical. With this investment KTrust will scale to empower DevSecOps globally in ensuring the deployment that is secure of Kubernetes-based programs,” said  Yaron Ashkenazi, handling lover, AWZ Ventures.(*) (*)