StackRox – Unique Innovations for Hardening Kubernetes

Just in time for KubeCon next week, we’re announcing today the 3.0 version of our StackRox Kubernetes Security Platform. We’re really proud of the industry-first capabilities we’re introducing with this upgrade, enabling our customers to better harden their Kubernetes and container environments.

Every time we build new functionality into our platform, we keep a relentless focus on the staff responsible for operationalizing container and Kubernetes security. This lens informs everything about how we design new capabilities. In today’s update, we introduce new workflows for configuration and vulnerability management that combine new features and more streamlined processes. These innovations help Security and DevOps teams identify and fix misconfigurations and vulnerabilities faster and more efficiently.

Our configuration management capabilities have strong ties to the Cloud Security Posture Management (CSPM) market, and our platform is among the Cloud Workload Protection Platforms (CWPP) on the market. Given this new functionality, one leading industry analyst noted, “you’re the first to provide CSPM along with CWPP for Kubernetes, managed Kubernetes, and containers. You’ve built Kubernetes Security Posture Management.”

And we’re not the only ones excited about these cool new capabilities!

“Mitigating the growing threat of Kubernetes vulnerabilities and avoiding misconfigurations are major priorities for cloud-native organizations like ours. The new workflows from StackRox enable our teams to automatically identify and address these risks, so that we can be smarter about how to focus our time and resources when it comes to securing our Kubernetes applications. StackRox allows us to keep moving fast on our digital transformation initiatives while improving our security.”

Maxx Lobo, CTO of Ask Media Group, speaks to the ongoing challenge of balancing speed to innovation with secure app dev infrastructure and processes. StackRox helps companies achieve that balance – providing the guardrails for teams to move fast while still building securely.

StackRox Platform Solution Brief

Download the StackRox platform solution brief for a complete list of product capabilities.

Download Now

For configuration management, StackRox is introducing a whole range of capabilities focused on configuring both Kubernetes and containers more securely. Our 3.0 platform provides:

  • Interactive dashboards – showing risk-prioritized misconfigurations, with drill down to critical information about where misconfigurations exist and remediation details.
  • Kubernetes role-based access control (RBAC) assessment – monitoring permissions for users and service accounts to avoid excessive privileges and find other misconfigurations.
  • Kubernetes secrets access monitoring – discovering secrets in Kubernetes and identifying unnecessary access privileges.
  • Kubernetes-specific policy enforcement – finding misconfigurations in network exposures, privileged containers, processes running as root, compliance, and other risk areas.

For vulnerability management, the latest StackRox platform offers:

  • Interactive dashboards – showing vulnerabilities in both images and Kubernetes, stack ranked by risk factor.
  • Discovery of Kubernetes vulnerabilities – identifying critical vulnerabilities in Kubernetes itself, including those related to the Kubernetes API server.
  • Language-specific vulnerabilities – scanning for vulnerabilities that are language-dependent, identifying a broader set of vulnerabilities.

Making it easier to harden your container and Kubernetes environments with these new workflows mitigates the biggest source of risk – human error. We’re focused on helping our customers provide these industry-leading capabilities tied into as many environments as possible. To that end, we’re also expanding the ecosystem of platforms the StackRox Kubernetes Security Platform supports to include:

  • CRI-O container runtime
  • Kubernetes on Distributed Cloud Operating System (DC/OS)
  • Microsoft Teams integration

Finding and stopping the “easy” mistakes, enabling Kubernetes CSPM, better guardrails for DevOps – it’s all part of the StackRox platform. Find the hot spots in your Kubernetes and container environments today with our free trial!