StackRox Delivers Compliance Controls for NIST 800-53
April 21, 2020

StackRox announced that the StackRox Kubernetes Security Platform now supports continuous compliance checks for container-relevant controls in NIST 800-53.

StackRox offers federal government agencies and cloud service providers participating in the Federal Risk and Authorization Management Program (FedRAMP) an instant snapshot of compliance with these NIST 800-53 controls.

"NIST 800-53 is a foundational compliance standard for government, and we appreciate the investment StackRox continues to make in supporting this community," said Katie Gray, Partners, Investments at In-Q-Tel. "Incorporating these built-in checks provides yet another way for StackRox users to secure their cloud-native deployments across build, deploy, and runtime and delivers notable time savings."

FedRAMP provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. Federal government agencies under the FedRAMP program and cloud service providers seeking authorization to join the program can now use the new StackRox compliance checks to satisfy the container-specific portions of the NIST 800-53 specification. The StackRox Kubernetes Security Platform allows these organizations to enhance their compliance posture by mapping NIST 800-53 controls to their container environments and delivering an instant snapshot of compliance status, identifying gaps, non-compliance with controls, and vulnerabilities. StackRox also provides detailed remediation information and evidence of compliance to simplify the audit process.

"Helping our government and federal agency customers simplify the process of verifying and demonstrating compliance with NIST 800-53 in their container and Kubernetes environments is just the latest example of our deep commitment to and support for this community," said Branden Wood, Director of Federal Business for StackRox. "Private-sector businesses subject to FedRAMP will also benefit from these out-of-the-box compliance checks, along with our support for other key industry compliance standards."

The StackRox Kubernetes Security Platform is also the first container and Kubernetes security platform to be certified by the Department of Homeland Security (DHS) for use in its Continuous Diagnostics and Mitigation (CDM) program. As agencies continue to adopt cloud-native technologies to increase agility and accelerate application development, StackRox makes it easier for them to secure that infrastructure across build, deploy, and runtime. The StackRox Kubernetes-native approach to security enables these organizations to use rich context to prioritize risk and to leverage native controls in Kubernetes to defend their cloud-native infrastructure from vulnerabilities and misconfigurations, apply network segmentation policies, and enable runtime incident detection and response.

In addition to NIST 800-53, StackRox ensures compliance with internal agency policies as well as external regulations and specifications, including CIS Benchmarks for Docker and Kubernetes, NIST 800-190, PCI DSS, and HIPAA.
