Nirmata Advances Policy Management and Governance Powered by Leading Kubernetes-Native Policy Engine, Kyverno

Company sees increasing demand and maturity of open-source project empowering DevSecOps teams to secure their cloud infrastructure

San Jose, CA, October 24, 2022 – At KubeCon + CloudNativeCon North America 2022, Nirmata, the software solutions provider for policy-based security and automation of production Kubernetes workloads and clusters, and creators of Kyverno, the leading policy engine designed for Kubernetes, today announced that it has achieved substantial business growth by welcoming new enterprise customers like IQVIA, PCI Energy Solutions, and ProSoft Technology, and expanding its ecosystem through partnerships with Amazon Web Services (AWS), Red Hat OpenShift and Venafi. Led by advancements in the Nirmata Policy Management and Governance solutions built on the open-source project Kyverno, the company reached key milestones, including exceeding over 300 million Kyverno image pulls, 3K Github stars, and celebrating the project’s recent move to incubating status.

According to new research, the prominence of Kubernetes in cloud-native environments has created additional security challenges, with 93% of respondents experiencing at least one security incident in their environment in the previous year. Weak areas like cloud misconfigurations ranked in the top three most common types of security attacks today, accounting for 15% of breaches, and required an average of 244 days to identify and contain. To help organizations securely manage their cloud infrastructure, Nirmata empowers platform teams to collaborate and ensure that applications can be deployed quickly and securely across the entire software supply chain.

“Organizations essential to the global economy have become prime targets for disruptive attacks that are driving their costs up, and that is exactly why our policy management and governance approach in DevSecOps is resonating,” said Jim Bugwadia, CEO and Co-Founder of Nirmata. “With Nirmata, businesses have seen the value of being able to increase their state of security readiness. By preventing cloud misconfigurations and actively managing their risks throughout the software supply chain, they are able to drastically reduce the potential of a breach and associated costs.”

Kubernetes has quickly become the de facto container orchestrator that keeps organization services operational. The more containers are utilized the more challenging it becomes to manage them, as the declarative nature of Kubernetes and extensive YAML configuration makes it harder to pinpoint misconfigurations. Built specifically for Kubernetes, the Nirmata Policy Manager that is powered by Kyverno, enables platform teams to succeed by configuring policies from build to run in YAML which prevent misconfigurations and automate security.

Nirmata and Kyverno Community Milestones

  • Kyverno moved from sandbox to incubating status
  • 3K GitHub stars with fast growing community
  • Over 300 million Kyverno image pulls

Enterprise Customer Success and Traction

The momentum behind the success of the company stems from its commitment to customer success. Recent traction in the enterprise with new customer wins such as PCI Energy Solutions, which optimizes over half the power generated in North America and is used by 70 percent of the Fortune 500 energy and utility firms in the U.S., and Prosoft Technology, which provides industrial automation and control applications to manufacturing plants, foundries, oil wells and water treatment plants. Additionally, the Nirmata DevSecOps Platform continues to prove its value in current customer deployments like the largest electric power company in the U.S..

Technology Advancements

With the growing number of components to build, manage and secure, Kyverno 1.8.0 was recently introduced, which includes new features like YAML manifest signing and validation, new pod security rule type and GitOps friendly rule auto-generation. The substantial features included in this release can be viewed here.

Ecosystem Growth

The growing adoption of Kyverno has increased the collaboration and dialogue of policy management within the community. Initially proven out at scale by the likes of Deutsche Telekom, Vodafone, Blinkit, and William Sonoma, and open-source projects like Flux and Tekton, Kyverno’s popularity continues to rise and can be used with other open-source projects, including:

  • Linkerd and Istio: Enforce service mesh best practices
  • Crossplane: Apply governance and control costs
  • Tekton: Secure pipelines throughout the delivery process

As the shift to DevSecOps enables organizations to reduce their risk posture and eliminate costly rework, Kyverno is becoming the standard for policy and authorization for Kubernetes. The recent partnership expansions with Venafi and Amazon EKS-A Bare Metal underscore the company’s extended position through reach and technological advancements.

To get started, register for a free trial of Nirmata Policy Manager here.

Learn more about Kyverno at KubeCon+CloudNativeCon North America in Detroit on October 24-28 at booth S126. Schedule a meeting in advance of the conference by filling out this form.

About Nirmata, Inc.

Nirmata, the creator of Kyverno, provides open source and commercial enterprise solutions for governance, compliance, security, and automation of Kubernetes. Nirmata lets DevSecOps teams ensure the security, compliance, and operational readiness of their Kubernetes Workloads and Clusters by; automating the lifecycle management of policy-based Intelligent Guardrails, delivering policy insights, alerts, and reports, and facilitating team collaboration through integration with DevSecOps process, tools, and workflows. For more information, visit us at You can also follow Nirmata on GitHub, Twitter, and LinkedIn.