Software Supply Chain Security: A Detailed Explanation

Software supply chain attacks cost businesses $45.8 billion globally in 2023 alone, and that cost is projected to exceed $80.6 billion by 2026. According to Gartner’s projection, 45% of organizations will experience software supply chain attacks this year. These figures emphasize the importance of software supply chain security and the need for every organisation to prioritize it.

Enhancing Application Security with Container Runtime Security

Containerization, a form of lightweight virtualization, lets applications inhabit their own self-contained environments. Each container packages everything an application needs to run – code, runtime, libraries – keeping it neatly separated from everything else. This isolation is a big deal because it means a problem in one container won’t bring down the whole environment.

IngressNightmare: Analysis of Critical Vulnerabilities in Kubernetes Ingress NGINX Controller

On March 24, 2025, Wiz Research disclosed a series of critical vulnerabilities in Ingress NGINX Controller for Kubernetes, collectively dubbed IngressNightmare. These unauthenticated Remote Code Execution (RCE) vulnerabilities have been assigned a CVSS base score of 9.8. According to Wiz Research, exploitation allows attackers to gain unauthorized access to all secrets across all namespaces in affected Kubernetes clusters, potentially leading to complete cluster takeover.

What Is ARMO Behavioral CADR?

As organizations increasingly adopt cloud-native architectures, they face a sprawling attack surface with novel threats that traditional security measures struggle to manage. ARMO’s Behavioral Cloud Application Detection and Response (CADR) offers the precise solution to these problems. It is designed to address the complexities and challenges of securing cloud-native applications in runtime.

CVE-2025-1094: SQL Injection Vulnerability in PostgreSQL's Escaping Functions

CVE-2025-1094 presents a critical challenge to established SQL security paradigms, effectively circumventing fundamental best practices. Though initially reported over a month ago, the gravity of its implications warrants an extensive analysis. This vulnerability challenges the long-held assumption that proper escaping guarantees protection against SQL injection attacks.

Beyond the Endpoint: Why EDR/XDR Struggles in the Cloud

The cybersecurity landscape has dramatically shifted with the rise of cloud computing. While Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) have proven valuable in protecting traditional endpoints, the cloud introduces a new set of challenges. This post examines why these solutions, rooted in endpoint-centric approaches, may fall short in the cloud, highlighting the need for a new generation of cloud protection strategies designed for SaaS, IaaS, and PaaS environments.

Effective Runtime Security in Containerized Environments

Runtime security is all about real-time protection, actively monitoring and responding to threats as they happen, not just hardening, setting up barriers or reacting to attacks after the fact. Think of it this way: traditional security measures prevent most intruders, but what about the ones that manage to get in? Runtime security alerts you to any suspicious activity and takes immediate action to stop it. Why is this so important for containers?

Kubescape Joins CNCF Incubation: A Major Milestone in Kubernetes Security

We’re excited to announce that Kubescape has officially entered the CNCF Incubating stage! This achievement marks a huge step for the project. The 2021 idea, devised by Ben Hirschberg, ARMO CTO and Co-founder, to create a simple tool for scanning Kubernetes clusters against NSA-CISA hardening guidelines, has since developed, expanded, improved and matured. Kubescape is now a robust, full-fledged security platform, all thanks to the amazing support from the Kubescape community and CNCF.

Stay Ahead of Kubernetes Security: ARMO Platform Now Supports CIS Kubernetes Benchmark v1.10

Kubernetes security is an evolving challenge, and staying compliant with industry best practices is crucial. That’s why we’re excited to announce that ARMO now supports the latest CIS Kubernetes Benchmark v1.10!