StackRox Kubernetes Security Platform Offers New Compliance Capabilities
February 27, 2019

StackRox introduced new compliance capabilities to the StackRox Kubernetes Security Platform, enabling organizations to verify and provide evidence for compliance with NIST SP 800-190, PCI DSS 3.2 and HIPAA standards.

The StackRox Kubernetes Security Platform enables companies to automatically and instantly check for compliance, identify gaps or non-compliance with controls, obtain clear and detailed remediation information, and provide evidence of compliance ahead of audits. Pre-built reports and drill-down capabilities provide the flexibility to meet the various requirements of audit, compliance and security teams.

The StackRox platform provides a consistent set of features across each compliance standard:

- Dashboard — delivers an at-a-glance view of overall compliance showing violations of the relevant standard’s controls

- Reports — offers tailored PDF reports that can be exported to provide an overview of the organization’s adherence to a given standard or specification

- Evidence — provides the ability to export CSV files that auditors can use to document each specific control described in a standard

- Customizable Environment Views — enables users the flexibility to review compliance details at the cluster, node or namespace level

- Data Drill Down — delivers the capability to explore detailed information on areas of non-compliance with specific controls

The StackRox Kubernetes Security Platform includes an augmented compliance framework that provides automated checks and ongoing monitoring of controls, configurations and policies for:

- National Institute of Standards and Technology (NIST) SP 800-190 – StackRox is the only container security solution that has received investment and support from In-Q-Tel.

- Payment Card Industry Data Security Standard (PCI DSS) 3.2 – StackRox has also published PCI Compliance in Container Environments: A Definitive Guide.

- Health Insurance Portability and Accountability Act (HIPAA) – StackRox helps entities demonstrate compliance with HIPAA, including data segregation.

The StackRox Kubernetes Security Platform simplifies the compliance process with a series of continuous and on-demand checks. The additional capabilities for NIST, PCI, and HIPAA augment existing support for Center for Internet Security (CIS) benchmarks for containers and Kubernetes. The platform provides the greatest breadth of automated checks and enforcement capabilities via native infrastructure for the strongest container and Kubernetes compliance controls on the market.

“Integration with Kubernetes is critical to delivering such a powerful and efficient compliance solution,” said Wei Lien Dang, StackRox VP of Product. “The StackRox approach is embedded directly in the infrastructure and integrated with Kubernetes-specific configurations, which means security and DevOps speak the same language and share a common view of the compliance controls in their environments.”

These new compliance capabilities are available in the current release of the StackRox Kubernetes Security Platform.

Share this

Industry News

November 13, 2019

Testim introduced the Testim Development Kit, a new way for developers to quickly create resilient tests directly in code.

November 13, 2019

Rollbar announced an error monitoring solution for Salesforce’s Apex platform.

November 13, 2019

StackRox announced version 3.0 of the StackRox Kubernetes Security Platform.

November 12, 2019

VMware announced rapid advancement of VMware Tanzu, a new portfolio of products and services designed to transform the way enterprises build, run and manage software on Kubernetes.

November 12, 2019

SmartBear released ReadyAPI 3.0. This latest release addresses the increasing requirement for organizations to consistently deliver high-quality APIs in order to meet accelerated business demands within compressed release cycles.

November 12, 2019

Aqua Security announced its expansion into cloud security posture management (CSPM) with its acquisition of CloudSploit.

November 07, 2019

To help developers increase the speed and quality of their SQL coding, enhance efficiency, and take advantage of the latest improvements in SQL Server, Redgate has released a major upgrade for its most popular tool, SQL Prompt.

November 07, 2019

CloudBees announced a partnership with Atos and VMware surrounding a solution to help customers adopt DevOps best practices at scale on Atos’ recently announced Atos Digital Hybrid Cloud (DHC) powered by VMware Tanzu and CloudBees cloud native continuous integration/continuous delivery (CI/CD) enterprise solution.

November 07, 2019

Fugue announced the release of the Fugue Best Practices Framework to help cloud engineering and security teams identify and remediate dangerous cloud resource misconfigurations that aren’t addressed by common compliance frameworks.

November 06, 2019

Red Hat and the Quarkus community announced Quarkus 1.0.

November 06, 2019

Copado announced its Winter 20 release to provide Salesforce customers the fastest path to continuous innovation.

November 06, 2019

Applause announced its new solution for AI training and testing.

November 05, 2019

Broadcom announced an expanded collaboration with Infosys to help SAP customers mitigate risks and costs associated with the upgrade to SAP’s next-generation enterprise resource planning application, S/4HANA.

November 05, 2019

Opsani AI is now generally available for services providers running on Microsoft's Azure cloud computing platform.

November 05, 2019

Wind River announced the release of its latest version of Wind River Simics.