Kubescape 4.0 shipped with two capabilities that caught my attention: GA runtime threat detection and AI agent security scanning. The first makes Kubescape a real alternative to commercial runtime security tools. The second signals where Kubernetes security is heading.
Runtime Threat Detection Is Now GA
After extensive testing, Kubescapeβs runtime threat detection engine is production-ready. It monitors:
- System interactions β processes, Linux capabilities, syscalls
- Network events β connections, HTTP requests
- File system activities β reads, writes, permission changes
The engine uses CEL (Common Expression Language) rules with direct access to Application Profiles β behavioral baselines for your workloads. If a container suddenly starts making network calls it has never made before, Kubescape detects it.
How It Works
# Rules and RuleBindings are Kubernetes CRDs
apiVersion: kubescape.io/v1
kind: RuntimeRule
metadata:
name: detect-unexpected-network
spec:
cel: |
has(event.network) &&
!event.network.destination.ip in profile.expected_connections
severity: high
action: alertAlert Integration
Export alerts to your existing stack:
- AlertManager (Prometheus ecosystem)
- SIEM systems
- Syslog
- HTTP webhooks
- Stdout (for logging pipelines)
This is significant because it means you do not need Falco or commercial tools like Sysdig for basic runtime detection. Kubescape handles it natively.
AI Agent Security Scanning
The most forward-looking feature: Kubescape can now scan the security posture of AI agents running on your cluster. As AI agents get access to Kubernetes APIs, filesystems, and network resources, they become attack surfaces.
Kubescape 4.0 addresses this by:
- Allowing AI agents to invoke Kubescape for cluster scanning (secure by design)
- Scanning AI agent workloads for excessive permissions, missing security contexts, and network exposure
This aligns with what I have been writing about in the AI on Kubernetes series β as AI moves into production, security must evolve with it.
Aggregated API Storage (GA)
Kubescape stores security metadata (Application Profiles, SBOMs, vulnerability manifests) using the Kubernetes Aggregated API instead of etcd. This matters at scale:
- No etcd pressure from security data
- Handles high-density clusters
- Kubernetes-native access patterns
Architecture Changes
The host-sensor DaemonSet is gone. Its capabilities are integrated into the node-agent, removing the need for ephemeral high-privilege pods. This is a cleaner, more auditable architecture.
What This Means for Platform Teams
Replace Commercial Runtime Security (Maybe)
If you are paying for Falco Enterprise or Sysdig Secure primarily for runtime detection, evaluate Kubescape 4.0. The CEL-based rules give you comparable detection with:
- No agent outside Kubernetes
- CRD-based rule management (GitOps-friendly)
- Direct integration with Kubernetes RBAC
AI Workload Security Is Now a Category
Kubescape scanning AI agents is not a gimmick. As organizations deploy LLM-powered tools with cluster access, the permission model must be audited:
- Does the AI agent have cluster-admin?
- Can it create pods in any namespace?
- Does it have network access to sensitive services?
See Kubernetes RBAC guide for proper least-privilege patterns.
Related Resources
- Container Security with Trivy
- DevSecOps Pipeline
- Kubernetes Network Policies
- Kubernetes RBAC Guide
- Kubernetes AI Conformance
- Trivy Cheat Sheet
About the Author
I am Luca Berton, AI and Cloud Advisor. I help platform teams implement security for AI workloads on Kubernetes. Book a consultation.
