Container usage for production deployments in enterprises is still constrained by concerns regarding security, monitoring, data management and networking. So begins the Gartner report, listing those concerns as the number one key challenge limiting container adoption. The cost of bolting on security later in the container lifecycle is steep, and making substantial changes to your infrastructure to move from dev/test into prod means you won’t realize one of the key advantages of containerization - namely, speed.
This is the first of a three-part blog series reviewing Gartner Security & Risk Management Summit 2019. Don’t forget to read article two titled Gartner on Securing Cloud-Native Apps, and article three titled Gartner: How-To Guide on Securing Containers. After considering nearly two dozen security projects, Gartner analysts included container security on their list of top projects to undertake in 2019 at the Security and Risk Management conference last week.
Another quarter, another Kubernetes release! On June 19, the Kubernetes Release Team announced the delivery of Kubernetes 1.15. The first thing that jumps out about Kubernetes 1.15 is that, in contrast to previous releases, it introduces relatively few new features. This is actually exciting! It is a sign that the project has reached a certain level of stability and maturity. Organizations can now more easily hop on the Kubernetes train, without having to worry about keeping up with the same flurry of feature additions and deprecations (along with rapidly-changing best-practices) that has been the norm until now.
Anyone who has even a passing interest in Kubernetes and the cloud native ecosystem has probably heard of Istio. Getting a clear description of what exactly Istio is, what it can (and can’t) do, and whether it’s a technology you might need are all a little harder to find. Hopefully, this post will help clear up some of the confusion. The Istio Service Mesh What is a service mesh? The term “service mesh” can apply either to the set of overlapping network connections between services in a distributed application or to a set of tools used to manage that group of connected services.
Wow! We went to the CODiEs awards ceremony last night hoping to come home with a win and came home with two! The StackRox Kubernetes Security Platform won both Best Emerging Technology and Best Network Security Solution! These wins continue a long stream of wins, including Best Emerging Technology from SC Magazine, a Gold Stevie Award, Most Innovative Company in the Cybersecurity Excellence Awards, and a Gold Winner in the Info Security PG Global Excellence Awards – all just this year!
Today news broke that Palo Alto Networks (NYSE: PANW) is buying container security startup Twistlock for approximately $410 million. The acquisition provides great validation of the container security market and broader cloud-native security market. Twistlock is Palo Alto’s third security acquisition since Nikesh Arora took over as CEO and reflects the growing importance of the broader cloud security market. Enterprises today are looking for ways to enforce security and compliance policies as they embrace the business benefits of cloud-native application architectures across multi-cloud and hybrid cloud environments.
Kubernetes is a powerful tool for building highly scalable systems. As a result, many companies have begun, or are planning, to use it to orchestrate production services. Unfortunately, like most powerful technologies, Kubernetes is complex. How do you know you’ve set things up correctly and it’s safe to flip the switch and open the network floodgates to your services? We’ve compiled the following checklist to help you prepare your containers and kube clusters for production traffic.
Greetings from the Red Hat Summit in Boston! We had a great time at OpenShift Commons yesterday, and today we’re talking to folks about some joint news between StackRox and Red Hat – the StackRox Kubernetes Security Platform is now available as a Red Hat certified container, and customers can get our software through the Red Hat Container Catalog. This certification makes it easier for OpenShift customers to access enhanced security and compliance capabilities that complement Red Hat’s Kubernetes platform.
You like us – you really like us! It would seem StackRox is having its Sally Field moment, taking top honors again – this time in the American Business Awards as a 2019 Stevie Gold Winner. The StackRox Kubernetes Security Platform won gold in the DevOps Solution category amongst a field of 3800 entries. The Stevie Award judges called out several advantages of the StackRox Kubernetes Security Platform, including: “Early intervention and pinpoint accuracy.
What happened? In an email to customers, Kent Lamb, Director of Docker Support, wrote “During a brief period of unauthorized access to a Docker Hub database, sensitive data from approximately 190,000 accounts may have been exposed (less than 5% of Hub users). Data includes usernames and hashed passwords for a small percentage of these users, as well as Github and Bitbucket tokens for Docker autobuilds.” As a result of this breach, it’s possible that images in your Docker Hub repository may have been tampered with or overwritten.
We’re excited to announce today that we’ve added support for the latest version of the Google Cloud Security Command Center (Cloud SCC). StackRox has collaborated with the Cloud SCC team as part of our Google Cloud partnership since Cloud SCC’s alpha release, and we’re excited that the platform is now generally available. The StackRox Kubernetes Security Platform enables customers to meet their security and compliance requirements across the container lifecycle, and we’ve integrated deeply with Kubernetes to deliver the key capabilities essential to an effective container security solution.