Announcing our Latest Software Release: Extending our Leadership in Kubernetes Security

Here at StackRox, we continue to deliver product innovations that help our customers more effectively protect their cloud-native environments. Our platform’s Kubernetes-native approach ensures that security is built into infrastructure, not bolted on, while integrating seamlessly with existing DevOps workflows and toolchains. The end result: better scalability, greater consistency, and less operational risk for your applications and infrastructure.

Today we’re taking a moment to detail a range of new features in the latest release, version 2.5, of the StackRox Kubernetes Security Platform. These new security controls include:

  • Kubernetes Network Policy Generator – StackRox automatically baselines network activity to help operators quickly understand allowed but unnecessary network connectivity between applications. It updates and configures Kubernetes network policies so that you can rest assured that allowed network communication is limited to only what is required throughout your environment.
  • Automated Process of Allow Lists – StackRox discovers and baselines all process activity within every single container using machine learning, allowing the platform to rapidly hone in on suspicious processes that you can opt to selectively add to an allow list. As a result, you can more effectively detect threats at runtime across your applications.
  • Dynamic Admission Control – you can configure StackRox to provide a Kubernetes admission controller that enforces policies at deploy-time based on pre-configured or customized criteria.
  • Kubernetes RBAC Assessment – StackRox monitors the Role-Based Access Control (RBAC) settings in Kubernetes to analyze service account privileges and discover misconfigurations, identify best practice violations, assess risk, and perform compliance checks against both industry standards and custom policies.
  • Scoped Access Control – administrators now have greater flexibility in configuring user access based on Kubernetes boundaries such as clusters or namespaces to better meet the operational needs of both security and DevOps teams.
  • Improved Offline Deployment – our platform is built to run in many different types of environments, depending on your requirements. We’ve enhanced how StackRox operates in those environments with custom security notices, offline vulnerability definition updates, and streamlined deployments.

As we continue to drive innovation with our industry-only Kubernetes-native container security platform, we want to thank our equally innovative customers for the insights they share that help guide our product direction. They, like we, are continually breaking new ground in their respective industries – their creativity fuels ours, and we are fortunate to have their trust.