KTrust Launches Automated Red Team for Kubernetes Security


KTrust, a Tel Aviv-based security startup, takes a different approach to Kubernetes security than many of its competitors in the space. Instead of only scanning Kubernetes clusters and their configurations for known vulnerabilities, KTrust takes a more proactive approach. It deploys an automated system that attempts to hack the system. This allows security teams to focus on actual attack paths and not just long lists of potential security vulnerabilities. As such, KTrust is essentially a reading team in a box – although research firm Gartner prefers to call it Continuous Threat Exposure Management (CTEM).

Ktrust comes out of stealth today and announces a $5.4 million seed funding round led by AWZ Ventures.

As is the case with many Israeli security companies, the management team comes with considerable experience. CEO Nadav Toledo was previously a colonel in the Israeli Defense Forces’ Intelligence Unit 8200, where he spent 25 years before founding KTrust. Technical director Nadav Aharon-Nov was previously CTO of cyber intelligence and defense company R-MOR, while COO Sigalit Shavit was previously global CIO of publicly traded CyberArk. CBO Snit Mazilik rounds out this group with extensive business experience, including serving as CEO of Shanghai-based fashion wholesaler Must Garment Group and as managing partner of real estate investment firm NOI Ventures. It’s an eclectic group of founders, but as Toledo told me, “everyone brings a different perspective to the board and it’s the best team.”

As a group, Toledo, Aharon-Nov and Mazilik began brainstorming different ideas for a security startup. The team landed on Kubernetes, which isn’t necessarily a surprise, given that it’s still a rapidly growing ecosystem that many traditional companies are only beginning to adopt.

Image credits: KTrust

“Kubernetes is very complex and very dynamic. We went to organizations and spoke with DevOps teams and CISOs […] We saw that DevOps teams were struggling – and we also saw DevSecOps teams struggling because they want them to also be Kubernetes experts – configuring Kubernetes – and on the other hand, security experts “, Toledo told me.

The team noted that most Kubernetes security solutions take what it calls a “passive scanner approach” that focuses on static code analysis. But that results in a lot of alerts and then someone has to turn them into a work plan. The idea behind KTrust is to take a very different approach by using an automated red team algorithm that proactively explores attack paths to identify exposures in a Kubernetes-based system. KTrust takes settings from a customer’s Kubernetes infrastructure, then duplicates them in a secure sandbox where its algorithms can attack them.

Image credits: KTrust

The algorithm then imitates real attackers. “By doing this, we find real attack paths to exploit and we don’t get a list of hundreds of things that aren’t connected. We show DevSecOps the validated exploits – and that’s real validation because it was a real attack,” Toledo explained. He noted that while working with a recent client, the passive scanner discovered more than 500 vulnerabilities, but that by using KTrust’s agent-based system, the team was able to reduce that number to just a dozen actual attack paths.

Using KTrust, security teams can then see exactly how the algorithm attacked the system. When it comes to mitigation, the service can provide users with manual mitigation recommendations, and in many cases it can also automate these steps.

It is worth noting that the company employs a group of security specialists dedicated to discovering new attack vectors. The team has already submitted a number of Common Vulnerabilities and Exposures (CVEs) for Kubernetes and Argo CD.

“Our investment in KTrust demonstrates our confidence in their distinctive Kubernetes security solution, meeting critical market demand. With this investment, KTrust will enable DevSecOps around the world to ensure the secure deployment of their Kubernetes-based applications,” said Yaron Ashkenazi, Managing Partner of AWZ Ventures.


Leave a Comment

Your email address will not be published. Required fields are marked *