The StackRox Container Security Platform
Today we announced that we will release an updated version of the StackRox Container Security Platform later this month. As we continue to lead the industry in container security innovation, we are excited to detail our new capabilities.
Over the past nine months or so since we started shipping our software, we have seen a few consistent patterns among our enterprise customers. These organizations remain focused on reducing the attack surface across their container environments, and addressing orchestrator-based threats are a key part of that initiative. We have also heard enterprises zero in on the need for security to continuously adapt to the speed and scale of container environments.
We’ve augmented the StackRox Container Security Platform in three specific ways to help customers stay ahead of these issues:
- New ways to reduce the attack surface – we have expanded our security capabilities throughout the container life cycle by adding vulnerability scanning and policy enforcement for network segmentation and secrets. The platform provides simplified workflows to manage security controls across the entire container stack, including those that exist natively within systems like Kubernetes.
- Protections against orchestrator attacks – as the threat landscape evolves, customers’ security concerns have broadened beyond isolation at the container level (and the risk of container breakouts) to encompass the possibility of compromise via orchestration systems. Threat vectors highlighted by issues at Tesla and Shopify have heightened awareness about the need for orchestrator-centric security. In this new release, the StackRox Container Security Platform evaluates role-based access controls, network policies and secrets in Kubernetes and detects exploits on certain components within Kubernetes environments, including the kubelet, Kubernetes service endpoints or cloud metadata servers.
- Continuous improvement – our platform now uniquely incorporates a “feedback loop” that leverages information across phases of the container life cycle to deliver more effective security. It leverages threat information at runtime to proactively identify security risks earlier, and it benefits from declarative metadata generated as images are built and containers are deployed to improve policy enforcement.
With this month’s updates to the StackRox Container Security Platform, we have once again advanced security for enterprises running containers in production. We would love to show you our platform in action – sign up for a customized demo, or request your own container risk assessment so you can see it in your environment.