KUBERNETES SECURITY GOVERNANCE PLATFORM

Secure. Govern. Prove.

The sovereign Kubernetes security and compliance platform for on-prem, air-gapped and regulated infrastructures.

On-prem first · Air-gap ready · Sovereign · Kubernetes native

THE CHALLENGE

Kubernetes security is complex. The risks are real.

  • Complexity

    Kubernetes sprawl and misconfigurations keep the risk surface growing.

  • Lack of Governance

    Inconsistent policies across clusters and teams.

  • Compliance Pressure

    NIS2, SecNumCloud, ISO 27001 — the bar rises every quarter.

  • Runtime Blind Spots

    Threats surface at runtime. You're missing visibility.

  • Cloud-First Tools

    SaaS-only tooling does not cover air-gap or sovereign needs.

  • Audit & Evidence

    Proving compliance is still painful and time-consuming.

THE SOLUTION

Aegis Vetis brings security, governance and compliance together.

  • Available now

    Policy-as-Code

    Kyverno-native policy management and enforcement.

  • Available now

    Admission Control

    Prevent unsafe workloads before they run.

  • Coming Q3 2026

    Runtime Detection

    Real-time threat detection with eBPF.

  • Available now

    Compliance Engine

    Continuous compliance scoring and mapping.

  • Available now

    Evidence & Audit

    Immutable audit trail and exportable reports.

  • Available now

    Air-Gap Ready

    Designed for disconnected and isolated environments.

  • Beta · 10 clusters max

    Multi-Cluster

    Unified security and visibility across all your clusters.

  • Coming Q3 2026

    SIEM Integration

    Send security data to your existing SIEM.

ARCHITECTURE

A unified security control plane for Kubernetes.

  • Centralized Control Plane

    Manage policies, compliance, and clusters from a single pane of glass.

  • Cluster Agents

    Lightweight agents collect events, enforce policies, and report telemetry.

  • Native Integrations

    Kyverno, Falco/Tetragon, Prometheus, ArgoCD and more.

    Falco/Tetragon and ArgoCD coming soon.

Aegis Vetis architecture overview

Diagram: the Aegis Vetis control plane exchanging policy sync, events, telemetry and audit reports with three Kubernetes clusters and the integrations stack (SIEM, GitOps, observability, data layer).

  • Aegis Vetis Control Plane

    Dashboard: operational overview, KPIs and alerts
    Policy Center: Kyverno-native policy management
    Compliance: continuous scoring against frameworks
    Audit Engine: immutable trail of every change
    Reporting: signed PDF + structured exports
    Integrations: outbound connectors to your stack

  • NATS Event Bus

  • Cluster 1, Cluster 2, Cluster N (each with aegis-agent)

    Kyverno: admission policies enforced locally
    Runtime Collector: eBPF runtime telemetry (Coming Q3 2026)
    Policies: local cache of the assigned policy set
    Reports: local violation evidence pushed to the control plane

  • SIEM

    Graylog (Coming Q3 2026)
    Splunk (Coming Q3 2026)
    Sentinel (Coming Q3 2026)

  • GitOps

    Argo CD: policy sync via GitOps (Coming Q3 2026)

  • Observability

    Prometheus: metrics endpoint exposed by every service
    Grafana: dashboards on top of the Prometheus data

  • Data Layer

    PostgreSQL 16: primary store for policies, scans, reports

  • Flows

    Policy Sync, Events, Telemetry, Audit / Reports

HOW IT WORKS

From prevention to proof.

  1. Deploy

    A workload is deployed.

  2. Prevent

    Admission control validates policies.

  3. Detect

    Runtime engine detects suspicious activity.

    Coming Q3 2026

  4. Govern

    Violations are correlated and scored.

  5. Prove

    Evidence is recorded and reports exported.

COMPLIANCE

Built for today's regulatory demands.

  • NIS2

    EU Cybersecurity Directive

  • SecNumCloud

    French Cloud Security Framework

  • ISO 27001

    Information Security Management

  • CIS Kubernetes

    CIS Benchmarks v1.7

  • NSA / CISA

    Hardening Guidelines

Aegis Vetis provides technical controls inspired by these frameworks. The platform is not an official compliance attestation, but it streamlines continuous evidence collection and the production of the audit reports your certifier expects.

Trusted by organizations that care about sovereignty and security

  • Government
  • Defense
  • Finance
  • Healthcare
  • Cloud providers
  • Critical infrastructure

Take control of your Kubernetes security.

Book a demo and see Aegis Vetis in action.