Cybersecurity firm Rapid7 announced Wednesday a strategic partnership with ARMO, the company behind Kubescape, one of the most widely adopted open-source cloud-native security tools. The collaboration is aimed at enhancing cloud and application runtime security within Rapid7’s Command Platform.
Kubescape, maintained by ARMO, is used by more than 100,000 organizations worldwide. The partnership will integrate ARMO’s advanced Cloud Application Detection and Response (CADR) technology into Rapid7’s platform, extending the company’s existing exposure management and threat detection capabilities into live, runtime environments.
The move comes as cloud environments become increasingly complex and vulnerable to attacks that exploit small, interconnected gaps across services. By combining Rapid7’s broad attack surface visibility with ARMO’s continuous anomaly and threat detection, the companies aim to provide a unified view of cloud risk, faster incident response and stronger cyber resilience.
“By extending our exposure management leadership with runtime from ARMO, we’re giving organizations clearer visibility, faster response and better security outcomes,” said Corey Thomas, CEO of Rapid7. “This is another important step in our commitment to delivering unified, open security with exposure context that enables security teams to move from reactive defense to preemptive response.”
The new capabilities will allow security teams to detect threats in real time — including API abuse, data exfiltration and container breakout attempts — and correlate those with existing misconfigurations, vulnerabilities, and identity risks. This enables organizations to isolate compromised workloads, terminate malicious processes and stop lateral movement in multicloud environments like AWS and Azure.
“Our team built ARMO to bring the most advanced runtime-powered, open-source first, behavioral Cloud Runtime Security to every Kubernetes and cloud-native environment,” said Shauli Rozen, co-founder and CEO of ARMO. “Rapid7 shares that philosophy. Together, we’re helping organizations detect real attacks as they happen and protect the infrastructure their businesses rely on.”
According to IDC senior research manager Philip Bues, the integration of runtime threat detection with exposure management meets a growing market need. “This addition to Rapid7’s capabilities enables security teams to better correlate exposures with active threats and prioritize remediation based on operational risk, supporting both security objectives and business continuity,” he said.
The integration will be available as part of Exposure Command Ultimate, Rapid7’s advanced exposure management suite.