KDefend
Kscope KDefend combines application, cloud, and data security into a single, unified view. It integrates four security domains — CSPM, DSPM, ASPM, and AISPM — into one platform powered by the context graph.
Architecture
Security Domains
| Domain | What it covers | Key analyzers | Learn more |
|---|---|---|---|
| CSPM | Cloud infrastructure misconfigurations, IAM risks, network exposure, compliance posture | AWS IAM, Azure IAM, GCP IAM, AWS Compute, AWS Network, Kubernetes | Details → |
| DSPM | Database access, storage encryption, sensitive data exposure, public bucket detection | AWS Storage, Azure Storage, GCP Storage, AWS RDS, Database | Details → |
| ASPM | Code vulnerabilities, SBOMs, secrets, IaC misconfigurations, CI/CD pipeline security | Application, Code, SCA, IaC, GCP DevOps | Details → |
| AISPM | AI model security, agent permissions, prompt vulnerabilities, training data integrity | AI IAM, AI SAST, AI DAST, Azure AI, GCP AI | Details → |
Key Capabilities
| Capability | Description |
|---|---|
| Live Inventory & SBOM | Dynamically maps all applications, APIs, libraries, and infrastructure — generating real-time Software Bill of Materials |
| Business-Aware Risk Prioritization | Prioritizes vulnerabilities by operational impact and business criticality, not just CVSS scores |
| API & Dependency Mapping | Discovers APIs, maps communication patterns, and visualizes attack surfaces |
| Cross-Domain Correlation | Connects findings from code, cloud, and data domains into unified insights via the context graph |
| Sensitive Data Flow Protection | Tracks how PII, PHI, and PCI data flows across services and identifies exposure zones |
| Blast Radius Modeling | Maps architectural dependencies and simulates the impact of outages or breaches |
KDefend Dashboard
The KDefend landing page provides at-a-glance KPIs and trend charts across all four domains. See the Landing Page guide for a full walkthrough of dashboard widgets including:
- Application Risk Score Heatmap
- Control Violations by Severity
- Open vs Closed Vulnerabilities
- MTTR Trends
- Insight Map
- Pipeline Coverage
Getting Started
- Connect Blueprints — Set up read-only integrations for your cloud accounts, SCM tools, and security scanners via the Blueprint catalog
- Review Analyzers — Each domain activates specific analyzers that process ingested data through the context graph
- Monitor Insight Feeds — Prioritized findings appear in Insight Feeds, scored by business impact
- Explore with KAI — Ask natural language questions about your security posture via KAI
Need Help?
Contact support at support@kscope.ai or use the in-app KAI assistant.