Posts under Container Security

Crate.io Using StackRox to Secure CrateDB Clusters on Docker

In this new blog post by Crate.io, read about how they are using StackRox to secure CrateDB Clusters on Docker. StackRox complements the authentication, access controls, and encryption added in Crate 2.0 Enterprise Edition with comprehensive threat coverage for well-known attack vectors on containerized database applications. The post discusses why security is important for a database like CrateDB, and how to use StackRox to protect your data – walking you through the deployment process.

Video demo of alert stories

We’re pleased to present the second video in our demo series. Watch the video below to learn about StackRox alert stories, helping security analysts examine events and data required for enforcement and responsive action. We’ll take a look at how StackRox focuses on techniques all attackers require to move and take action in an environment.

Why a move to containers means a giant leap forward for incident response

Container technology is fundamentally changing the way incident response (IR) is handled within the enterprise, and it is putting agile organizations back in a position of strength against their attackers. Microservices and containers comprise an infrastructure that can be leveraged as a security orchestrator and responder, which allows for radical improvements in both the scale and speed of threat detection, response, and prevention. IR in a traditional environment Today’s systems have become too distributed, integrate too many programs, and present too many attack surfaces for security analysts to thwart attacks effectively.

Overview of StackRox map view and visibility features

We’re pleased to begin our video demo series walking you through the StackRox platform. Our first video features a look at our map view and visibility features. This allows security teams to quickly understand what’s impacting their infrastructures, and gain a clear view of the risk across their overall environment.

Clearing the enterprise’s path to the public cloud with container security

Enterprise organizations across diverse verticals, such as 3M, Adobe, Kellogg’s, and Netflix, have been ramping up their use of the public cloud to the point where that usage accounts for a substantial portion of their annual IT spend. ‘Enterprises with big budgets, data centers, and complex applications are now looking at cloud as a viable place to run core business applications’, according to Dave Bartoletti, an analyst at Forrester Research.

How containers and DevOps could have left Equifax’s attackers empty-handed

By now, details of the massive Equifax breach that saw 143 million personal records compromised has made its way around the global news, as well as the broader security and enterprise IT communities. Within these circles, you can bet that anyone responsible for resolving application vulnerabilities is worried about becoming the next headline. There’s little argument that patching applications is a big deal; both in terms of criticality to the organization’s security posture, and in terms of the onerous process it can be when performed in traditional application environments.

5 Questions with Ron Gula

At StackRox, we’re thrilled to have the support of Ron Gula, an industry luminary and invaluable mentor to me for the past decade. Ron is a longtime leader in the security community, having started his career at the National Security Agency (NSA) conducting penetration tests of government networks and performing advanced vulnerability research. Ron is also an experienced entrepreneur, CTO, and CEO, as the original author of the Dragon Intrusion Detection System, CTO of Network Security Wizards (acquired by Enterasys Networks), and cofounder of Tenable Network Security, where he served as CEO from 2002-2016.

CSI: Container Edition - forensics in the age of containers

Forensics in the age of containers You’ve seen it countless times in television’s most popular dramas: professional investigators descend on the scene of a crime to meticulously record and analyze every detail and clue before anyone else can disrupt the scene. If the crime appears to be related to other ongoing cases, clues are tacked to the peg board back at headquarters. Only once all the pieces have been assembled do patterns emerge.

Why everyone from the investor to the C-suite should consider container security

Why everyone from investors to the C-suite should consider container security Over the past few years, virtually all of the most innovative enterprise firms – from multinational banks like Goldman Sachs, to cutting-edge technology companies like Google – have set out to modernize the way they deliver software applications through containers and microservices architectures. By breaking down large applications into smaller, composable pieces, software developers and those in charge of managing applications have discovered that containers – and the microservices approach they enable – allow for software development that is far more agile, resilient, and efficient than traditional monolithic approaches.

Hardening Docker containers and hosts against vulnerabilities: a security toolkit

Introduction Container technology has radically changed the way that applications are being developed and deployed. Notably, containers dramatically ease dependency management, so shipping new features or code is faster than ever before. While Docker containers and Kubernetes are great for DevOps, they also present new security challenges that both security practitioners and developers must understand and address with diligence. Docker’s team of security experts has built some valuable security features into the Docker platform over the last several years.

Protecting against containerized web app attacks

WAF the heck do I do to protect against attacks on my container-based web applications? The hackers who want your organization’s valuable data will invariably target your web applications. Despite the steady increase in distributed denial-of-service (DDoS) attacks and ransomware, web application attacks represent the most common cause of data breaches.1 The vast majority of these attacks are executed by botnets, operated by organized crime2. Their goals: stealing credentials, growing the size of the botnet, and, of course, exfiltrating information that can be used for financial gain.

StackRox on SecurityWeekly

Shortly following our launch, I was a guest on Paul Asadoorian’s Startup Security Weekly show. In this episode, hear about how Sameer and I conceived the idea for the company, how we talked to investors about our ideas, and why our platform uniquely addresses the challenges of enterprises who are embracing containerization and microservices. We also discuss how enterprises are using StackRox to build security into the fabric of their infrastructures as they operationalize their use of containers and microservices.

Introducing StackRox: a modern security platform for the microservices age

The microservices revolution is underway. Businesses using microservices have reduced their development time by as much as 75%, fueling software innovation and competitive advantage. Today more than half of all enterprises using microservices and container technologies like Docker and Kubernetes are running them in production. And a vibrant ecosystem of more than 125 companies including Amazon, Microsoft, Google, Red Hat, IBM, CoreOS, Mesosphere, and others, continues to grow rapidly.