Coming Q2 2026 · early access opens soon

Catch threats in your
Kubernetes cluster
before they catch you.

Runtime threat detection built on Falco. Curated rules, smart deduplication, beautiful email reports. Self-hosted, air-gapped, your data stays in your cluster.

⎈ Helm install 🔒 Self-hosted ✨ AI-summarized alerts 💾 One-time license 🔧 No phone home

Get notified at launch. Early supporters get $20 off. No spam, no tracking, unsubscribe anytime.

kubesentry.local

cluster: production-eu live

Critical +1

2

High +3

5

Medium −4

12

Suppressed dedup

847

Recent alerts — last 24h

⌘ K filter

Severity	Rule	Pod / Namespace	Time	×
CRIT	Reverse shell in container	payments-api-7d8f · prod	2m ago	1
CRIT	Crypto mining process detected	redis-cache-2k · cache	14m ago	3
HIGH	Privileged container started	debug-tools-x · ops	1h ago	1
HIGH	Sensitive file accessed	api-gateway-9 · prod	2h ago	6
HIGH	RBAC role modified	kube-api-proxy · kube-system	3h ago	1
MED	Unusual outbound connection	worker-batch-3 · jobs	4h ago	2
MED	Container drift detected	user-service-1 · prod	5h ago	1

i Showing 7 of 12. Press ⌘ K to search, f to filter by namespace.

// how it works

From helm install to first alert in under 5 minutes.

01 install

$ helm install kubesentry \

kubesentry/kubesentry

One-command install

Falco + collector + dashboard + alerter — all deployed via one Helm chart. Works on any K8s distro.

02 detect

Reverse shell in pod/payments-api

RBAC modification detected

Privileged container started

Curated rules

50+ hand-picked Falco rules tuned for low false positives. Crypto miners, reverse shells, privilege escalation, lateral movement.

03 alert

→ Slack

→ Email digest

→ Discord / Teams

→ Custom webhook

Actionable alerts

Critical events fire instantly. Daily digests roll up the noise. Every alert ships with context and a remediation playbook.

// why kubesentry

Enterprise security
at enterprise prices.
for $99.

Datadog. Sysdig. Aqua. Built for enterprises with security teams. KubeSentry is built for the rest of us — the solo founder, the two-person platform team, the agency running clusters for clients.

Them

Datadog Cloud Security

$15+/host/mo

Us

KubeSentry

$99 one-time

Them

Sysdig Secure

$60+/host/mo

Us

KubeSentry

$99 one-time

Them

Aqua Enterprise

$Contact sales

Us

KubeSentry

$99 one-time

// questions

You probably want to know.

Is this just a Falco wrapper? +

Falco is the engine — open source, world-class, and free. KubeSentry is the experience around it: a curated ruleset with low false positives, smart deduplication, a clean dashboard, beautiful email digests, multi-channel alerting, and remediation playbooks for every alert. Think of it as 'managed Falco you actually self-host.'

Why one-time pricing? +

Because subscription fatigue is real. You pay once, install on your cluster, and own it. Updates included for 6-12 months depending on tier. After that, optional $49/year for new rules and features.

Does it phone home? +

No. Air-gapped friendly. License keys are validated offline with cryptographic signatures. Your alerts and cluster data never leave your infrastructure.

What about Wazuh / Tetragon / Kubescape? +

They're great tools. Wazuh is a full SIEM (heavyweight). Tetragon is powerful but low-level. Kubescape focuses on posture, not runtime. KubeSentry is opinionated and focused: real-time threat detection with zero setup pain. If you want to combine — go for it.

When does it launch? +

Targeting Q2 2026. Sign up above for early access — first 50 people get $20 off and priority support.

Catch threats in your Kubernetes cluster before they catch you.

Recent alerts — last 24h

From helm install to first alert in under 5 minutes.

One-command install

Curated rules

Actionable alerts

Enterprise security at enterprise prices. for $99.

You probably want to know.

Catch threats in your
Kubernetes cluster
before they catch you.

Enterprise security
at enterprise prices.
for $99.