StackRox Awarded Second DHS Contract for Automated Sharing of Container Threat Information

StackRox Support for Structured Threat Indicator eXpression (STIX) Helps Financial Institutions Share Cybersecurity Information to Prevent Breaches


MOUNTAIN VIEW, Calif. – April 3, 2018 – StackRox today announced it was awarded a Phase II $200,000 contract by the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) to advance container threat information sharing.

DHS had awarded StackRox a $200k Phase I contract in July last year to harden the cyber-defenses of financial institutions. For Phase II, StackRox has added STIX support to its platform to help financial institutions share cybersecurity information to prevent an attack from hitting multiple organizations.

STIX is a collaborative effort to develop a standardized, structured language to represent cyber-threat information. The STIX framework intends to convey the full range of potential cyber-threat data elements and strives to be as expressive, flexible, extensible, automatable and human-readable as possible to automate sharing between people, products and organizations. The DHS Office of Cybersecurity and Communications, National Cybersecurity and Communications Integration Center, and U.S. Computer Emergency Readiness Team (US-Cert) are leading efforts to automate and structure operational cybersecurity information-sharing techniques across the globe. StackRox has added STIX support to its platform to enable sharing of container threat data so organizations can use the data to prevent breaches from occurring.

“We are pleased to work with DHS to defend and secure our nation’s critical infrastructure,” said Sameer Bhalotra, chairman and CEO for StackRox. “DHS and U.S.-CERT are leading global efforts to support new standards like STIX to automatically share threat data and harden the cybersecurity of organizations against attacks or breaches that have occurred. We have added STIX support to our platform to help ensure that container-native cyber-threat information is accessible to public and private sector organizations to stop an attack from being effective against other organizations.”

The NGCI Apex program addresses the cybersecurity challenges facing our nation’s critical infrastructure sectors, enabling infrastructure to operate effectively, even in the face of sophisticated, targeted cyberattacks. The award was granted under the Financial Services Cyber Security Active Defense (FSCSAD) Solicitation—HSHQDC-17-R-00008—issued under the DHS S&T Silicon Valley Innovation Program (SVIP) Other Transaction Solicitation (OTS) authority. SVIP uses this OTS to fund nontraditional performers as they develop solutions for the most challenging threats facing DHS and homeland security practitioners across the country.

Resources:

About StackRox

Founded in 2014, StackRox helps enterprises secure their cloud-native applications at scale from container build and deployment through runtime. StackRox enables security teams to centralize container deployment governance, visualize the container attack surface, expose malicious activity, and stop attacker activity. It combines a new security architecture, machine learning, and protective actions to disrupt attacks in real time and limit their impact. Backed by Sequoia Capital, StackRox is the choice of Global 2000 enterprises and government agencies.