KubernetesSecurity.Visualized.

npm install -g k8s-av

Understand how attackers move through your cluster — not just where vulnerabilities exist.

✓ No data leaves your cluster✓ Works with any K8s provider✓ Free to start

SCROLL TO EXPLORE ↓

ATTACK GRAPH BUILD

MAPPING YOUR CLUSTER

VECTORNETES ingests your kubeconfig and indexes every resource in real time.

SCROLL TO ADVANCE

WHAT WE DO

Four capabilities.
One unified graph.

CAPABILITY 01

Attack Path Discovery

BFS graph traversal from every entry point to every crown jewel — ranked by exploitability.

23 paths found in 240ms

CAPABILITY 02

RBAC Relationship Mapping

Every ServiceAccount, Role, and binding as navigable edges. Find wildcard permissions instantly.

100% of bindings mapped

CAPABILITY 03

CVE Enrichment

Running image SHAs matched against NVD and OSV databases. Vulnerabilities anchored to nodes.

99.7% NVD match rate

CAPABILITY 04

Crown Jewel Detection

Automatically identify Secrets, ConfigMaps, and database pods representing the highest-value targets.

3 crown jewels auto-detected

⚠ 23 attack paths detected

✓ 847 nodes indexed

◆ 3 crown jewels

↯ 240ms scan time

VECTORNETES.app/dashboard

VECTORNETES DASHBOARD

> scanning pods..._

BY THE NUMBERS

Clusters Analysed

0ms

Median Latency

0‰

CVE Accuracy

● prod-cluster-eu secured ● 847 nodes indexed ● 3 threats mitigated ● gke-prod-us-east1 scanned ● 23 attack paths mapped ● secret-db-creds identified ● aks-staging-westus2 analyzed ● prod-cluster-eu secured ● 847 nodes indexed ● 3 threats mitigated ● gke-prod-us-east1 scanned ● 23 attack paths mapped ● secret-db-creds identified ● aks-staging-westus2 analyzed

Map your attack surface.
Before they do.

Connect your kubeconfig. Get a full attack graph in under 60 seconds. No agent. No data exfiltration. Free forever.

No agent requiredUnder 60 secondsFree forever

VECTORNETES — zsh

HOW IT WORKS

From cluster to attack graph in three steps.

⬡

Connect

Point VECTORNETES at your kubeconfig. Read-only. No data leaves your cluster.

< 30 seconds

◎

Scan

BFS + Dijkstra find all attack paths in under 60 seconds.

< 60 seconds

⬟

Secure

Kill Chain reports. Know exactly what to patch first.

Instant