StackRox Offers Free Assessment with StackRox Prevent to Provide a Contextual Profile of Overall Container Security Posture from Build to Deploy
MOUNTAIN VIEW, Calif. – February 22, 2018 – Today StackRox announced the beta of StackRox Prevent, a new product that enables security teams to minimize their container attack surface from build to deployment. The new solution synthesizes information across diverse security and DevOps datasets and tools, such as Kubernetes, into actionable insights, giving security leaders the holistic perspective they need to make strategic, risk-driven decisions. StackRox is also offering free assessments using the new tool, giving organizations an instant profile of risk across their Docker container environments.
In “10 Things to Get Right for Successful DevSecOps”, Neil MacDonald, VP, Distinguished Analyst, Gartner, and Ian Head, Research Director, Gartner, wrote that security and risk management (SRM) tasked with ensuring application and data security should: “Scan for known vulnerabilities and misconfigurations in all open-source and third-party components. Ideally, build out a complete bill of materials using software composition analysis.” They also recommend: “Stop trying to remove all unknown vulnerabilities in custom code, which increases false positives. Instead, focus developers on those with the highest severity and confidence.”*
StackRox Prevent automates security and compliance for container deployments based on monitoring and analyzing information across multiple dimensions – including vulnerability scans, as well as host, container and orchestrator configurations. This approach eliminates the time-consuming, complex work required to pinpoint and remediate security risks, and helps security teams share actionable information with DevOps teams using integrations with familiar workflow tools.
StackRox Prevent delivers:
- A comprehensive picture of container risk. Via deep orchestrator integration, security teams can establish risk awareness at the service and cluster levels. The holistic view of the entire container attack surface StackRox Prevent generates helps organizations make risk-informed security decisions.
- Host, container, and orchestrator configuration assessment. StackRox Prevent enables security teams to easily identify security risks spanning various parts of the container stack and fast-track remediation efforts to eliminate container vulnerabilities and misconfigurations.
- Simplified container governance. StackRox eliminates complexities by automating configuration checks and policy enforcement across multiple platforms.
“At StackRox, we’re committed to helping our enterprise and government customers secure their container environments across all phases of the container lifecycle,” said Sameer Bhalotra, co-founder and CEO for StackRox. “We’re pleased to offer this comprehensive approach of using StackRox Prevent to mitigate risks by eliminating vulnerabilities and misconfigurations in the build and deploy phases along with our flagship product – StackRox Detect and Respond – for runtime security in production environments.”
The StackRox Prevent beta and free assessment service are now available, with general availability of StackRox Prevent expected in Q2 2018.
- Sign up for a free assessment using StackRox Prevent
- Deep dive into StackRox Prevent
- Learn more about StackRox Prevent
- Connect with StackRox at stackrox.com, Twitter, LinkedIn, and Facebook
*Gartner, 10 Things to Get Right for Successful DevSecOps, Neil MacDonald and Ian Head, 3 October 2017.
Founded in 2014, StackRox helps enterprises secure their cloud-native applications at scale from container build and deployment through runtime. StackRox enables security teams to centralize container deployment governance, visualize the container attack surface, expose malicious activity, and stop attacker activity. It combines a new security architecture, machine learning, and protective actions to disrupt attacks in real time and limit their impact. Backed by Sequoia Capital, StackRox is the choice of Global 2000 enterprises and government agencies.