StackRox Kubernetes Security Platform 2.5 Released
August 29, 2019

-StackRox announced the general availability of version 2.5 of the StackRox Kubernetes Security Platform.

The new version includes enhanced deployment and runtime controls that enable organizations to seamlessly enforce security controls to improve use cases including vulnerability management, network segmentation, configuration management, and threat detection.

These security controls further strengthen StackRox's position as the only Kubernetes-native container security platform that leverages inherent Kubernetes capabilities for policy enforcement. With StackRox, organizations can increasingly adopt a "security as code" model and ensure that security is built in to the infrastructure versus bolted on.

The enhanced security controls available in version 2.5 of the StackRox Kubernetes Security Platform include:

- Kubernetes Network Policy Generator — StackRox automatically baselines network activity, identifies allowed but unnecessary network connectivity, and updates Kubernetes network policies to achieve more secure network configurations.

- Automated Process Whitelisting — StackRox leverages machine learning to baseline process activity within containers, automatically identify anomalous processes that operators can selectively whitelist, and can take specified action to prevent threats at runtime.

- Dynamic Admission Control — StackRox can be optimized to provide a Kubernetes admission controller so organizations can prevent the deployment of containers based on pre-configured or custom policies set within StackRox.

- Kubernetes RBAC Assessment — StackRox analyzes Kubernetes Role-Based Access Control (RBAC) settings to understand user and service account privileges and applies this context to determine misconfigurations, identify best practice violations, inform risk assessment, and check compliance with industry standards and custom policies.

- Scoped Access Control — StackRox enhancements to role-based access control (RBAC) features allow organizations to manage and limit user access based on Kubernetes boundaries such as clusters and namespaces.

- Improved Offline Deployment — StackRox now includes additional features for customers running in air-gapped networks with no Internet connectivity, including custom security notices, offline vulnerability definition updates, and a streamlined deployment experience.

"Kubernetes provides the ideal foundation for us to provide robust, portable, and consistent security across on-premise, cloud, and hybrid infrastructure environments without creating additional operational risk," said Wei Lien Dang, co-founder and VP of Product at StackRox. "We're able to support our customers' needs for new security controls that are aligned with DevOps workflows and toolchains and are easy to implement at scale."

These new security capabilities are available in the current release of the StackRox Kubernetes Security Platform.

Share this

Industry News

January 22, 2020

CollabNet VersionOne and XebiaLabs have merged.

January 22, 2020

Keyfactor announced DevOps integrations with automation and containerization providers Ansible, Docker, HashiCorp, Jenkins and Kubernetes to offer security-first services and solutions designed to seamlessly integrate with existing enterprise tools and applications.

January 22, 2020

Sysdig raised $70 million in Series E funding.

January 21, 2020

Red Hat announced the general availability of Red Hat OpenShift Container Storage 4 to deliver an integrated, multicloud experience to Red Hat OpenShift Container Platform users.

January 21, 2020

Snyk has secured a $150 million investment, led by Stripes, a leading New York-based growth equity firm.

January 21, 2020

vChainannounced the close of a $7M Series A investment round.

January 16, 2020

VAST Data announced the general availability of its new Container Storage Interface (CSI).

January 16, 2020

Fugue has open sourced Regula, a tool that evaluates Terraform infrastructure-as-code for security misconfigurations and compliance violations prior to deployment.

January 16, 2020

WhiteHat Security will offer free application scanning services to federal, state and municipal agencies in North America.

January 15, 2020

Micro Focus announced the release of Micro Focus AD Bridge 2.0, offering IT administrators the ability to extend Active Directory (AD) controls from on-premises resources, including Windows and Linux devices to the cloud - a solution not previously offered in the marketplace.

January 15, 2020

SaltStack announced the availability of three new open-source innovation modules: Heist, Umbra, and Idem.

January 15, 2020

ShiftLeft announced a partnership and deep integration with CircleCI that enables organizations to insert security directly into developer pull requests from code repositories.

January 14, 2020

Containous closed $10 million in Series A funding.

January 13, 2020

JFrog announced the launch of the free ConanCenter, enabling better search and discovery while streamlining C/C++ package management.

January 13, 2020

Perfect Sense launched Gyro - a cloud management tool that mitigates the risks associated with manually provisioning and managing infrastructure, lack of standards in configurations, and unpredictable results from changes to cloud infrastructure.