Kustomize Security

Detect and fix misconfigurations in Kustomize projects to reduce your attack surface before provisioning cloud infrastructure

Policy as Code for Kustomize

Your Kustomizations express your infrastructure as code and provide a unique opportunity to establish guardrails in the development lifecycle that enforce security and compliance policies. Embedding policy as code for Kustomize into your pipelines ensures programmatic compliance with 1800+ Accurics policies across popular standards such as CIS Benchmarks, PCI, SOC2, GDPR, and AWS Security Best Practices.

Identify Potential Breach Paths

Accurics generates a real-time topology of your infrastructure from your Kustomizations, programmatically builds threat models and surfaces potential breach paths. This ensures you not only identify policy violations but understand which violations represent the greatest risk of exposure.

Programmatically Resolve Risks

Cloud native projects move fast, and developers don’t have time to research tons of policy violations. Accurics reports violations via programmatically generated pull requests that include the code to resolve the issue. You only need to quickly review and merge the fix. Accurics can optionally self-heal risks in the pipeline, without supervision, to ensure that issues are automatically mitigated before infrastructure is provisioned.

Open Source and Commercial Options

Open Source

Define Policy as Code in Kustomize projects, leveraging a library of 500+ policies to enforce best practices and standards such as the CIS benchmark using our free and open source tools.


Leverage Accurics commercial offerings for advanced security in both build- and run-time environments, including deeper scans using 1800+ policies, breach path identification, drift management, and automated fixes.
