Securing Kubernetes for Federal Agencies
Full life cycle security across build, deploy, and runtime phases for your civilian or military organization’s Kubernetes workloads
Security for containers and Kubernetes
Agencies have adopted the cloud-native stack, including containers and Kubernetes, to increase agility and accelerate application development. However, adoption of container technologies also requires the necessary security controls that protect the cloud-native stack. StackRox provides a comprehensive security solution to defend federal cloud-native infrastructure from vulnerabilities and misconfigurations, ensure compliance with external and internal policies, and detect and stop runtime threats.
Backed by In-Q-Tel
In-Q-Tel has made a strategic investment in StackRox to help Federal agencies protect their cloud-native stack. Reducing the attack surface, profiling runtime risk, and detecting and stopping attacks drive value for these agencies.
Securing DoD Platform One
StackRox, under a Phase II SBIR award, provides security and compliance capabilities for Platform One across containers and Kubernetes, protecting the DoD’s entire software enterprise as it accelerates migration towards DevSecOps and modernizes everything from the Air Force Portal to some of the most classified systems in the DoD.Learn More
Now available in Iron Bank
StackRox is now available in DoD Iron Bank, formerly DoD Centralized Artifact Repository (DCAR), as an approved application to ensure complete life cycle security of the DoD DevSecOps pipeline. Agencies can leverage StackRox to scan images for known vulnerabilities during build phase, enforce security and hardening best practices for configuration and network segmentation at deploy time, and detect malicious activity — such as an anomalous process execution — using behavioral analysis and baselining at runtime.
The ability to apply DevSecOps principles to our defense systems is crucial to the United States maintaining its leadership in readiness and innovation. StackRox, with its Kubernetes-native approach to securing microservices environments, makes it easier for cyber teams to shift left and apply controls early in the development cycle and embed security policies in code.
Partnering with DHS to Secure FinServ Systems
The DHS Science and Technology Directorate (S&T) uses its Silicon Valley Innovation Program (SVIP) to invest in next-generation security technologies to protect critical infrastructure, including mission-critical, cloud-native applications for financial institutions. StackRox, under a Phase III contract with DHS, has deployed our Kubernetes and container security software at a large U.S. bank to help the FinServ industry better understand how to secure Kubernetes applications at scale.Learn more
Extending CDM to containerized infrastructure
The initial design requirements of the DHS CDM program were tailored to securing on-premises and data center infrastructures. The move to cloud-native architecture has changed the security paradigm for agencies, but the goals remain the same. For example, the primary CDM tenets of identifying network assets and reducing their vulnerabilities still apply. Agencies can leverage StackRox to extend the same security controls espoused by CDM to their containerized and Kubernetes environments. StackRox is excited to provide the only container security platform on the Approved Products List (APL) for CDM.DOWNLOAD SOLUTION BRIEF
Enabling the DoD DevSecOps initiative
The Department of Defense launched the DevSecOps initiative (and the accompanying reference guide) to accelerate software development and deployment through DevOps practices, containers, and Kubernetes while following security best practices across the full application development life cycle. StackRox helps DoD agencies operationalize the DevSecOps initiative by protecting containerized applications across all phases of the life cycle: build, deploy, and runtime. Agencies leverage StackRox to harden their container environments, prevent vulnerabilities and misconfigurations, enforce secure network segmentation, and detect and remediate runtime threats.
Effortless procurement option
Federal procurement processes are often lengthy and unable to keep pace with fast-changing technology and user needs. StackRox is Enterprise-Wide Procurement (SEWP) authorized and General Services Administration (GSA) IT Schedule 70 approved technology provider to help expedite the procurement process for federal agencies.
Made in the USA
StackRox runs all product development, engineering, and customer support operations out of our headquarters in Mountain View, CA, in the heart of Silicon Valley. Our U.S.-based team has extensive experience serving the particular needs of the Federal Government, and many of our staff have run security operations at the NSA and other US IC agencies.