Kubescape 4.0 introduces runtime threat detection, AI agent security scanning, and architectural improvements to the CNCF's open-source Kubernetes security platform.
The open-source Kubernetes security platform Kubescape has reached version 4.0, introducing runtime threat detection capabilities and the first systematic approach to securing AI agents themselves within Kubernetes environments.
This release marks a significant evolution for the CNCF incubating project, which has historically focused on scanning clusters, Helm charts, YAML manifests, and CI/CD pipelines for misconfigurations, vulnerabilities, and RBAC violations. The new capabilities address the growing complexity of modern Kubernetes deployments, particularly as organizations increasingly deploy autonomous AI agents that require the same security scrutiny as traditional workloads.
Runtime Threat Detection Reaches General Availability
The headline feature in 4.0 is the general availability of Runtime Threat Detection and Kubescape Storage. The Runtime Threat Detection engine monitors processes, Linux capabilities, system calls, network and HTTP events, and file system activity using detection rules based on the Common Expression Language. These rules work directly against Kubescape's Application Profiles to establish baseline behavior and alert on deviations.
The engine has been rigorously tested and proven stable at scale, with the project claiming it can cut CVE noise by over 95% by focusing on actual runtime behavior rather than static vulnerability lists. Rules and RuleBindings are now managed as Kubernetes CRDs, and alerts can be forwarded to AlertManager, SIEM tools, Syslog, Stdout, or HTTP webhooks.
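The baseline-and-deviation idea described above, as an added example that is not Kubescape code: a profile is learned per container from observed events, and later events outside it raise an alert. The event fields, the profile layout and the sample events are constructed for illustration and do not reproduce Kubescape's ApplicationProfile schema or its CEL rule syntax.

```python
# Added illustration: simplified profile-based detection. The event fields and
# profile layout are constructed; this is not Kubescape's schema or rule syntax.
from collections import defaultdict

KINDS = ("exec", "capability", "syscall", "network")

def learn(events):
    """Baseline per container: the set of values seen for each event kind."""
    profiles = defaultdict(lambda: {k: set() for k in KINDS})
    for ev in events:
        profiles[ev["container"]][ev["kind"]].add(ev["value"])
    return dict(profiles)

def detect(profiles, events):
    """Return one alert per distinct deviation from the learned baseline."""
    alerts, seen = [], set()
    for ev in events:
        key = (ev["container"], ev["kind"], ev["value"])
        profile = profiles.get(ev["container"])
        if profile is None:
            reason = "no baseline for container"
        elif ev["value"] not in profile[ev["kind"]]:
            reason = f"{ev['kind']} not in baseline"
        else:
            continue  # behaviour matches the profile
        if key not in seen:  # suppress repeats of the same deviation
            seen.add(key)
            alerts.append({**ev, "reason": reason})
    return alerts

def event(container, kind, value):
    return {"container": container, "kind": kind, "value": value}

# Constructed learning window for a web container.
LEARNING = [event("web", "exec", "/usr/sbin/nginx"), event("web", "syscall", "accept4"),
            event("web", "syscall", "read"), event("web", "capability", "NET_BIND_SERVICE"),
            event("web", "network", "10.0.0.5:5432")]
# Constructed later activity: two profiled events, then behaviour never profiled.
RUNTIME = [event("web", "syscall", "read"), event("web", "exec", "/usr/sbin/nginx"),
           event("web", "exec", "/bin/sh"), event("web", "exec", "/bin/sh"),
           event("web", "syscall", "ptrace"), event("web", "network", "203.0.113.9:4444"),
           event("batch", "exec", "/usr/bin/python3")]
```

Anything legitimate that did not occur during the learning window is also reported, so the length and coverage of that window determine the false-positive rate.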
Kubescape Storage, also reaching GA in this release, uses the Kubernetes Aggregated API to store security metadata such as Application Profiles, SBOMs, and vulnerability manifests in a dedicated layer. This architectural change keeps sensitive security data out of the standard etcd instance, addressing performance and security concerns for large-scale, high-density clusters.
Architectural Simplification and AI Security
Version 4.0 removes the host-sensor and host-agent components that previously used pop-up DaemonSets for node scanning. These approaches were flagged by the community as intrusive and difficult to audit from a security standpoint. Their capabilities have been folded into the node-agent via a direct API between Kubescape's core microservices, resulting in a single agent per node that the project argues makes the security posture "both more stable and easier to audit."
The release also introduces AI-related security features targeting the two sides of AI security: securing AI agents and using AI for security operations. A KAgent-native plug-in allows AI assistants to query Kubernetes security posture from within a cluster, enabling agents to inspect vulnerability manifests, review configuration scans for RBAC issues, find guidance on fixing problems, and observe container behavior at runtime using ApplicationProfiles and NetworkNeighborhoods.
Securing KAgent Itself
Perhaps most notably, Kubescape 4.0 introduces security scanning specifically for KAgent, the CNCF Sandbox project for AI orchestration. KAgent, accepted into the CNCF Sandbox in May 2025, provides an open-source framework for building Kubernetes-native AI agents using the Model Context Protocol architecture.
Because KAgent establishes pathways between AI models and enterprise infrastructure, the Kubescape team argues that its configuration needs the same level of scrutiny as any other workload. The project introduces 15 controls based on OPA's Rego language, covering 42 security-critical configuration points in KAgent's CRDs. These controls check for errors such as empty security contexts in default deployments, missing NetworkPolicies, and over-privileged controller-wide namespace watching.
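Two of the checks named above, empty security contexts and missing NetworkPolicies, sketched as an added example over standard Kubernetes objects. This is a Python stand-in, not Kubescape's Rego controls, and it does not model KAgent's CRDs; the namespace, names and manifests are constructed.

```python
# Added illustration: Python stand-in for two checks, run over standard
# Kubernetes objects. Not Kubescape's Rego; all manifests are constructed.
WORKLOAD_KINDS = {"Deployment", "StatefulSet", "DaemonSet"}

def empty_security_contexts(workload):
    """Places in the pod template where securityContext is absent or {}."""
    pod = workload["spec"]["template"]["spec"]
    paths = [] if pod.get("securityContext") else ["pod"]
    paths += [f"containers[{i}]" for i, c in enumerate(pod.get("containers", []))
              if not c.get("securityContext")]
    return paths

def selects(selector, labels):
    """matchLabels only; selectors using matchExpressions count as not covering."""
    if selector.get("matchExpressions"):
        return False
    return all(labels.get(k) == v for k, v in selector.get("matchLabels", {}).items())

def scan(objects):
    """Return sorted (namespace, name, finding, detail) tuples."""
    policies = {}  # namespace -> podSelectors of its NetworkPolicies
    for o in objects:
        if o["kind"] == "NetworkPolicy":
            ns = o["metadata"].get("namespace", "default")
            policies.setdefault(ns, []).append(o["spec"].get("podSelector", {}))
    findings = []
    for o in (x for x in objects if x["kind"] in WORKLOAD_KINDS):
        ns, name = o["metadata"].get("namespace", "default"), o["metadata"]["name"]
        findings += [(ns, name, "empty-security-context", p)
                     for p in empty_security_contexts(o)]
        labels = o["spec"]["template"].get("metadata", {}).get("labels", {})
        if not any(selects(s, labels) for s in policies.get(ns, [])):
            findings.append((ns, name, "no-network-policy", ns))
    return sorted(findings)

def deployment(ns, name, labels, pod_sc, container_sc):  # constructed sample builder
    pod = {"securityContext": pod_sc,
           "containers": [{"name": "main", "securityContext": container_sc}]}
    return {"kind": "Deployment", "metadata": {"namespace": ns, "name": name},
            "spec": {"template": {"metadata": {"labels": labels}, "spec": pod}}}

HARDENED = {"runAsNonRoot": True, "allowPrivilegeEscalation": False}
SAMPLE = [
    deployment("agents", "controller", {"app": "controller"}, {}, {}),
    deployment("agents", "ui", {"app": "ui"}, {"runAsNonRoot": True}, HARDENED),
    {"kind": "NetworkPolicy", "metadata": {"namespace": "agents", "name": "ui-only"},
     "spec": {"podSelector": {"matchLabels": {"app": "ui"}}}},
]
```

A NetworkPolicy existing in the namespace is not enough here: the `controller` pods are flagged because the only policy selects `app: ui`.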
Ben Hirschberg, Kubescape Core Maintainer, explains the rationale: "We need robust security guardrails to stop agents from exploiting them for high-risk actions like unauthorized access or deleting production data."
Compliance and Integration
The 4.0 release adds support for CIS Benchmark versions 1.12 for vanilla Kubernetes and 1.8 for EKS and AKS. It builds on Kubescape's existing Rego-based framework, which already supports compliance standards including NSA-CISA and MITRE ATT&CK frameworks.
Native integrations with tools such as VSCode and GitHub Actions allow teams to embed security checks early in the development process without disrupting workflows. The project maintains its commitment to reducing the friction between security and development teams by providing actionable guidance rather than just alerts.
Context and Community
Kubescape was accepted as a CNCF Incubating project in January 2025, having entered the CNCF Sandbox in 2022. The project is maintained by ARMO and accepts contributions from the wider community. This release reflects the project's maturation and its response to real-world deployment patterns, particularly the rise of agentic AI in Kubernetes environments.
As organizations deploy more autonomous AI agents that gain deeper access to infrastructure, the attack surface they represent becomes a practical concern rather than a theoretical one. Kubescape 4.0 represents one of the first systematic attempts to apply cloud native security tooling to the agents themselves, rather than only to the workloads they manage.
The release demonstrates how security tooling must evolve alongside the platforms it protects, addressing not just traditional workloads but also the emerging class of intelligent agents that are becoming integral to modern cloud native architectures.
