Kubescape version 4.0 has launched, enhancing Kubernetes security with runtime threat detection and AI-specific features. Announced during KubeCon + CloudNativeCon Europe 2026 by core maintainer Ben Hirschberg, this version prioritizes the protection of AI agents and introduces general availability for Runtime Threat Detection and Kubescape Storage.
As an open-source platform under CNCF incubating status, Kubescape scans clusters, CI/CD pipelines, and Helm charts for vulnerabilities and misconfigurations, reducing CVE noise by over 95%. The new threat detection engine employs rules based on Common Expression Language, monitoring system activity and forwarding alerts to various tools.
Notable enhancements include the streamlined architecture with a single node agent replacing intrusive host sensors. Additionally, 15 new Rego-based controls for KAgent’s CRDs bolster security compliance with standards like MITRE ATT&CK. Kubescape’s 4.0 aims to secure increasingly autonomous AI workloads, marking a pivotal step in cloud-native security for Kubernetes environments.
Source link
