Screenshots

    Inactive-State
    Active State

    Comparison Table

    GitHub stars

    Popularity among the OSS community.

    Datree

    5.7k

    Gatekeeper

    2.6k

    Kyverno

    2.7k

    Rules language

    The language in which the policy rules are written.

    Datree

    JSON Schema

    Gatekeeper

    Rego

    Kyverno

    JMESPath

    Manifest scanning

    Scan Kubernetes configs (YAML files) for misconfigurations.

    Datree

    Gatekeeper

    Kyverno

    K8s admission controller webhook

    Scan Kubernetes objects on deployment to production.

    Datree

    Gatekeeper

    Kyverno

    Native templating support

    Scan helm charts and Kustomize.

    Datree

    Gatekeeper

    Kyverno

    Built-in rules

    Pre-configured set of rules to validate your Kubernetes objects.

    Datree

    Gatekeeper

    Kyverno

    Schema validation

    Validate that your manifests meet Kubernetes schema.

    Datree

    Gatekeeper

    Kyverno

    YAML validation

    Validate that your manifests are written in syntactical YAML.

    Datree

    Gatekeeper

    Kyverno

    Granular permissions

    Assign read/write permissions to your policies and account.

    Datree

    Gatekeeper

    Kyverno

    Reporting and tracking

    Track and report on the status and outcome of previous scans.

    Datree

    Gatekeeper

    Kyverno

    * Possible with 3rd party apps

    Runtime audit

    Detect misconfigurations in your running workloads.

    Datree

    Gatekeeper

    Kyverno

    Shared policies

    Share the same policy across different users and machines. Edit once, run everywhere.

    Datree

    Gatekeeper

    Kyverno

    Scans direct objects

    Reduce false negatives by scanning only explicit objects. Read more here.

    Datree

    Gatekeeper

    Kyverno

    Other IaC support

    Support for other IaC technologies such as Terraform.

    Datree

    Gatekeeper

    Kyverno

    Policy as code

    Manage your policies and rules from code.

    Datree

    Gatekeeper

    Kyverno

    Image scanning

    Scan images for vulnerabilities.

    Datree

    Gatekeeper

    Kyverno

    Dir path scanning

    Validate multiple files by scanning the folder in which they reside.

    Datree

    Gatekeeper

    Kyverno

    Project language

    The language in which the project is written.

    Datree

    Go

    Gatekeeper

    Go

    Kyverno

    Go

    Offline support

    The project can run without internet connection.

    Datree

    Gatekeeper

    Kyverno

    Mutation/Remediation

    Create workflow for fixing the detected misconfigurations.

    Datree

    Gatekeeper

    Kyverno

    Editable failure message

    Edit the message the user receives when objects fails to meet the policy.

    Datree

    Gatekeeper

    Kyverno

    Reveal misconfigurations within minutes

    3 Quick Steps to Get Started