KubeArmor 1.1: Runtime Security Enforcement Enhancements
K8s Guru
2 min read

Table of Contents
Introduction
KubeArmor 1.1, released on March 15, 2023, is most relevant if you’re hardening clusters without turning every deploy into a support ticket. The real value is in rollout safety: tighter controls with fewer false positives, clearer policy outcomes, and smoother day-2 response when something is blocked.
Runtime Security Improvements
- Policy enforcement improvements provide faster and more reliable security policy enforcement.
- Threat detection enhancements enable better detection of security violations.
- Blocking capabilities enable automatic blocking of unauthorized operations.
- Alerting improvements provide better notification of security events.
eBPF Enhancements
- eBPF program optimizations reduce overhead and improve performance.
- Event filtering improvements reduce noise and focus on important security events.
- Kernel compatibility expands support for different kernel versions.
- Performance optimizations improve security enforcement efficiency.
Kubernetes Integration
- Admission control integration enables policy enforcement at pod creation time.
- Service account detection improves identification of containerized applications.
- Resource monitoring provides better visibility into resource access patterns.
- Operator improvements simplify KubeArmor installation and management.
Getting Started
kubectl apply -f https://raw.githubusercontent.com/kubearmor/KubeArmor/main/deployments/GKE/kubearmor.yaml
Create a security policy:
apiVersion: security.kubearmor.com/v1
kind: KubeArmorPolicy
metadata:
name: block-exec
spec:
selector:
matchLabels:
app: my-app
file:
matchPaths:
- path: /bin/*
action: Block
Summary
| Aspect | Details |
|---|---|
| Release Date | March 15, 2023 |
| Headline Features | Runtime security improvements, eBPF enhancements, Kubernetes integration improvements |
| Why it Matters | Delivers comprehensive runtime security enforcement with enhanced eBPF capabilities |
KubeArmor 1.1 provides teams with powerful runtime security enforcement capabilities using eBPF for protecting Kubernetes workloads.