StackRox Added to the Department of Homeland Security Continuous Diagnostics and Mitigation (CDM) Program

MOUNTAIN VIEW, Calif. — July 16, 2019 — StackRox, the leader in container and Kubernetes security, today announced that the StackRox Kubernetes Security Platform has been added to the Department of Homeland Security Continuous Diagnostics and Mitigation (CDM) Approved Products List (APL). U.S.-based StackRox is the first provider of container security solutions to be certified by the Department of Homeland Security (DHS) for the Continuous Diagnostics and Mitigation (CDM) program. The StackRox Kubernetes Security Platform is the industry’s only Kubernetes-native container security platform, and its deep integrations with Kubernetes enable the rich context, native enforcement, and continuous hardening needed to operationalize security throughout the full container life cycle – build, deploy and runtime.

The adoption of cloud infrastructure, including containers and Kubernetes, enables organizations to undergo digital transformation and modernization initiatives to generate significant operational benefits. As such, the Federal Government’s 2019 Federal Cloud Computing Strategy, “Cloud Smart,” has outlined a number of strategies to drive the adoption of safe and secure cloud infrastructure that promotes cost savings, security, and the faster delivery of mission-serving solutions. The CDM Program plays an integral role in the Federal Government’s IT modernization efforts, providing access to solutions that can fortify the cybersecurity of government networks and systems through the APL.

Approved solutions on the CDM APL, including the StackRox Kubernetes Security Platform, have the capabilities to:

  • Find cybersecurity risks on an ongoing basis;
  • Prioritize these risks based upon potential impacts; and
  • Enable cybersecurity personnel to focus on the most significant problems first.

“The Federal Government has seen the enormous growth, innovation and operational benefits enabled by cloud-native technologies and has made the integration of these technologies a top priority to enhance the mission-critical cybersecurity of government networks and systems,” said Chris Klein, director of federal programs for StackRox. “Cloud native isn’t just a trend or an IT fad. To have StackRox selected for the CDM APL underscores the growing importance that technologies such as containers and Kubernetes have in Federal Government systems. The StackRox Kubernetes Security Platform represents the next generation of CDM technologies that will provide a secure and compliant foundation for IT modernization across the federal sector.”

Federal agencies continue to shift workloads from on-premises infrastructure to the cloud, as part of their overall IT modernization efforts. The StackRox Kubernetes Security Platform helps agencies accelerate this shift, supporting continuous diagnostics, monitoring and mitigation through its capabilities that protect cloud-native applications, including:

  • Visibility: Providing comprehensive visibility into container and Kubernetes deployments.
  • Vulnerability Management: Integrating with CI/CD pipelines to protect containers from vulnerabilities throughout their life cycle.
  • Compliance: Enabling continuous compliance checks and reporting for controls defined in CIS Benchmarks for Docker and Kubernetes, NIST SP 800-190, PCI DSS, and HIPAA.
  • Network Segmentation: Implementing firewalling and segmentation policies by providing visibility, simulation, recommendations, and enforcement via Kubernetes network policies.
  • Configuration Management: Automating ongoing checks across environments to protect against misconfigurations in containers and Kubernetes, such as exposed dashboards or metadata.
  • Risk Profiling: Profiling overall risk across workloads by correlating and analyzing various attributes and prioritizing the riskiest deployments that need remediation.
  • Threat Detection and Response: Automatically detecting and preventing threats while minimizing noise and alert fatigue through a combination of rules, whitelists, and behavioral modeling.

The StackRox Kubernetes Security Platform is now available to all federal agencies, commissions and departments with container and Kubernetes deployments through contractors approved for the CDM Dynamic and Evolving Federal Enterprise Network Defense (DEFEND) program. These contractors include Booz Allen Hamilton, ManTech, CGI and CACI. For more information on how to purchase the StackRox Kubernetes Security Platform for federal organizations, please visit: