Today we are excited to announce a new partnership with Google Cloud Platform (GCP) to jointly deliver end-to-end security across the cloud-native stack for any enterprise. Together, StackRox and Google will accelerate customers’ adoption of secure, containerized application architectures.
No company knows more about containers than Google. They have run containers in production for over a decade, and pioneered an ambitious new approach to enterprise computing at scale. Google originated Kubernetes and continues to be its largest contributor in every release, even after more than 58,000 commits. Our new collaboration is borne out of a shared vision and commitment to enable customers to realize the flexibility and agility of container technologies while maintaining full control of their applications at scale.
An unmatched combination for container security
The current cloud-native threat landscape is not well-defined and new attack patterns continue to emerge. Vulnerabilities and misconfigurations can leave customers’ applications susceptible to attackers executing arbitrary code, moving laterally, escalating privileges, hijacking containers, and exfiltrating data. Solving these problems is where StackRox excels.
We give security teams the ability to visualize the container attack surface, expose malicious activity, and stop attacker activity. StackRox’s unique approach disrupts container attacks in real time to limit their impact. By bringing together our runtime security capabilities with the security controls developed by Google that are available in Google Kubernetes Engine (GKE), enterprises will now be able to easily secure containers across their entire lifecycle from build to runtime.
Helping customers secure their cloud-native apps
As Google’s partner for container security, the StackRox team of security experts will work closely with the GCP team to advance security for containerized applications running on GKE and GCP, as well as Kubernetes generally. Our work will focus on the following key areas:
- Native security integrations. Today, StackRox incorporates native integrations with Kubernetes and GKE environments. We will be working closely with the Google team to expand on this existing support and develop additional native security integrations with GKE and GCP infrastructure. This will provide customers with unified security management across their container environments.
- Large-scale operational testing. Many of our enterprise customers are adopting containers to run web-scale services in the cloud. Several organizations, including a Fortune 500 financial services firm, have deployed StackRox to secure their applications running on GKE. We will leverage the Google team’s expertise running highly scalable, distributed systems and perform large-scale tests to operationalize runtime security at significant scale.
- Threat research. StackRox and Google share the same goal of reducing customers’ exposure to attacks on their applications. Achieving this requires a better understanding of new, cloud-native threat vectors in order to implement security measures that effectively limit the blast radius of a given attack. We will be working with the GCP security team to conduct threat research and analyze techniques used by attackers within container environments.
- Reference architecture. Customers often ask us about the security controls they should implement within Kubernetes environments. We will work to provide a reference architecture that enables comprehensive security with a combination of StackRox and the security already built into GCP infrastructure.
- Market education. We will also collaborate to help educate customers and the broader Kubernetes community on security best practices. This is intended to support enterprise security and IT practitioners who are managing their organizations’ transition to cloud-native applications.
Our partnership with Google will give customers the strongest combination of security controls when running containers and microservices in the cloud. StackRox is at KubeCon this week giving demos of its product. We expect to post additional updates in the coming months, so stay tuned for announcements, or contact us if you would like more information.