StackRox Announces New Release of Container Security Platform
July 12, 2018

StackRox announced a new release of its Container Security Platform.

The new release is an integrated, full life cycle solution for container security that incorporates a feedback loop between the different phases of the container life cycle. This functionality uses threat information detected at runtime to inform risk scoring and policy enforcement as containers are built and deployed, resulting in actionable insights with greater context.

The StackRox Container Security Platform provides a feedback loop that leverages runtime data to proactively identify security risks earlier in the container life cycle. This software release also marks the first time that a full life cycle container security platform protects against key orchestrator-based threats, which have gained prominence due to recent high-profile compromises. The new release helps customers automatically catch potential security issues based on observed application behavior at runtime and extends its policy management capabilities to the additional attack surfaces introduced by orchestration systems themselves. The update also includes new capabilities that help customers reduce the attack surface during the build and deploy phase of the container life cycle.

“The StackRox Container Security Platform’s integrated approach streamlines decision making and fosters collaboration between security and DevOps,” said Wei Lien Dang, StackRox’s VP of Product. “Because our platform has a feedback loop that ties together capabilities across different phases of the container life cycle – as opposed to providing functionality on a standalone basis – it provides customers with an unmatched level of security against emerging container-based threats. It eliminates entire workflows that security operators would typically have to go through.”

The platform lets customers configure the new integration with just a couple clicks; as a result, security operators benefit from spending less time hunting for security issues and having to interpret how threat activity could potentially impact other parts of their container environment. This approach is adaptive to an enterprise’s ongoing and evolving security posture and is built for the speed and volume of data being generated in container environments so that customers don’t miss anything.

To augment security throughout the container life cycle, the StackRox Container Security Platform now supports vulnerability scanning and policy enforcement for network segmentation and secrets.

Specific to orchestrator-based threats, the platform evaluates configurations of security capabilities native to the orchestrator itself, such as role-based access controls, network policies and secrets in Kubernetes. If an attacker uses tools to conduct reconnaissance and scanning within the container environment or exploits orchestrator misconfigurations, the StackRox container security platform will detect that activity.

The new release of the StackRox platform adds core detection functionality to expose orchestrator-specific attacks that rely on exploiting certain components within Kubernetes environments, including the kubelet, Kubernetes service endpoints or metadata servers. Recently several examples of orchestrator-related attacks have been published, including a compromise of Tesla’s Kubernetes infrastructure that allowed attackers to mine cryptocurrency and a report that detailed how an attacker could have compromised Shopify’s Kubernetes clusters. The new StackRox release protects against these types of threats by default.

This upgraded version of the StackRox Container Security Platform will be generally available this month.

The Latest

November 15, 2018

Serverless infrastructure environments are set to become the dominant paradigm for enterprise technology deployments, according to a new report — Why the Fuss About Serverless? — released by Leading Edge Forum ...

November 14, 2018

What to automate? Which parts of the delivery process are good candidates? Which applications will benefit from automation? At first, those sound like silly questions. Automate all your repetitive processes. If you think that you'll do the same thing manually more than once, automate it. Why would you waste your creative potential and knowledge by doing things that are much better done by scripts? Yet, an average company does not adhere to that logic. Why is that? ...

November 13, 2018

I'd love to see more security automation deeply integrated into the development process. Everybody knows since the 1990s that security as an afterthought just doesn't work, yet we keep doing it. The reason, I think, is because it's very hard to automate security ...

November 09, 2018

DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 5, the final installment, covers deployment and production ...

November 08, 2018

DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 4 is all about security ...

November 07, 2018

DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 3 covers the development environment and the infrastructure ...

November 06, 2018

DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 2 covers the coding process ...

November 05, 2018

Everyone talks about automating the software development lifecycle (SDLC) but the first question should be: What should you automate? With this question in mind, DEVOPSdigest asked experts from across the IT industry for their opinions on what steps in the SDLC should be automated. Part 1 starts with by-far the most popular recommendation: Testing ...

October 31, 2018

Halloween is a time for all things spooky, but not when it comes to your mobile app experience. A poor experience can not only scare off your customers but keep them away for good ...

October 30, 2018

As organizations have embraced open source, they have become polyglot — using multiple programming languages and technology stacks to accomplish software and hardware related tasks. Enterprises are caught between the benefits provided by a polyglot environment and the complexities and challenges these environments bring. Ultimately, if the situation remains unchecked, polyglot will kill your enterprise ...

Share this