Introducing the industry’s only container security platform with adaptive threat protection
StackRox secures your entire path from containers to web-scale microservices. It enables deep container visibility and insights, adapts defenses to new cyber threats, and unifies multiple threat protection capabilities with a single integrated platform.
Container auto-discovery with fingerprinting
StackRox automatically discovers every container across your environment. Patent-pending microservice fingerprinting technology enables rapid, reliable identification of both known and rogue containers, giving you a concisely organized view of your applications.
Advanced network visualizations
StackRox renders interactive, detailed visualizations of your container network in real time, giving you a clear depiction of connections between containers, microservices, and applications.
Insights from an entire ocean of container signals
StackRox continuously monitors a vast collection of signals including system calls, network traffic, and Docker events, transforming them into meaningful security insights with dramatically less noise.
Two-click behavior modeling
With just two clicks, you can train StackRox’s powerful machine learning models to generate a complete behavioral context of your applications.
Auto-tuning machine learning models
StackRox’s machine learning models dynamically auto-tune based on application and environment changes. This enables a high-fidelity understanding of application behaviors.
Smart detection rules
Out of the box, StackRox puts a broad collection of predefined detection rules at your fingertips. Rapidly configure them or construct your own rules from easy-to-use templates and enable them to trigger alerts and enforcement actions based on file system activity, network flows, Docker events and process filters.
Policy-driven prevention and response
Automatically prevent and respond to threats according to your policies. Actions include blocking unauthorized Docker commands, blocking system calls, and quarantining, isolating, or instantly pausing compromised or rogue containers.
Flexible policy management
StackRox provides a rich policy management framework for evaluating events in certain combinations and sequences that reflect attacker techniques perpetrated over any time horizon. Alerts summaries capture detected events and their context, along with the corresponding automated enforcement actions.
Advanced event correlation
StackRox correlates indicators of compromise and security events across your entire environment, swiftly alerting you to attacks and policy violations.
Image vulnerability scanning
Conveniently scan container images for known vulnerabilities.
Through fully-developed native integrations, StackRox is built for production environments and interfaces with the following systems:
- Docker Swarm
- Amazon EC2 Container Service
- Azure Container Service
- Docker Enterprise Edition
- Google Container Engine
- Mesosphere DC/OS
- Red Hat OpenShift
- Single sign-on (SSO) authentication and other identity management platforms
- Alerting workflows / incident management systems
- Full-featured API for integration with SIEM and existing security tools