KTrust, a security startup based in Tel Aviv, is revolutionizing Kubernetes security by adopting a proactive, attack-focused approach rather than merely scanning for vulnerabilities.
It uses an automated system that attempts to hack into Kubernetes systems, enabling security teams to address real-world attack paths instead of potential vulnerabilities.
The approach is often likened to a "red team in a box"; Gartner refers to this as "continuous threat exposure management" (CTEM).
KTrust has just exited stealth mode, announcing a $5.4 million seed funding round led by Awz Ventures.
The startup's leadership team boasts significant experience: CEO Nadav Toledo, formerly a colonel in the IDF's intelligence unit; CTO Nadav Aharon-Nov, previously with R-MOR; and COO Sigalit Shavit, an ex-CIO at CyberArk.
CBO Snir Maizlik brings in extensive business acumen.
KTrust's approach differs from traditional passive scanning used by most Kubernetes security solutions.
It creates a secure sandbox where algorithms can simulate real attacks on the infrastructure, identifying fewer but more critical vulnerabilities.
This method reduces the noise from false positives seen with static code analysis.
For example, in one case, it reduced 500 vulnerabilities to about a dozen true attack paths.
The company's innovative strategy includes a specialized team for uncovering novel attack vectors, and it has submitted several CVEs for Kubernetes.
Awz Ventures is confident in KTrust’s unique solution, aimed at empowering global DevSecOps teams in securely deploying Kubernetes-based applications.
Frederic, a former TechCrunch writer, provided this coverage.