Posts under Container security

Docker Hub Breach: What to Do Now

What happened? In an email to customers, Kent Lamb, Director of Docker Support, wrote “During a brief period of unauthorized access to a Docker Hub database, sensitive data from approximately 190,000 accounts may have been exposed (less than 5% of Hub users). Data includes usernames and hashed passwords for a small percentage of these users, as well as Github and Bitbucket tokens for Docker autobuilds.” As a result of this breach, it’s possible that images in your Docker Hub repository may have been tampered with or overwritten.

StackRox and Google Cloud Deliver Container Security as Cloud SCC goes GA

We’re excited to announce today that we’ve added support for the latest version of the Google Cloud Security Command Center (Cloud SCC). StackRox has collaborated with the Cloud SCC team as part of our Google Cloud partnership since Cloud SCC’s alpha release, and we’re excited that the platform is now generally available. The StackRox Kubernetes Security Platform enables customers to meet their security and compliance requirements across the container lifecycle, and we’ve integrated deeply with Kubernetes to deliver the key capabilities essential to an effective container security solution.

Winning When It Counts - the Prestigious SC Magazine Award

Like the “participation” trophy every kid on the soccer team wins in kindergarten, some industry awards just don’t carry much clout. The SC Magazine awards? Now that’s a different story. These awards, announced in conjunction with the RSA Conference every year, bestow a huge amount of prestige on the companies and technologies they celebrate. The award submissions are incredibly competitive, and I know of many companies who try year after year to win and fall short.

Simplifying Compliance in a DevOps World

Today we introduced a slew of new compliance capabilities, including support for NIST, PCI, and HIPAA. As we’ve talked with customers about the functionality they need, a few key trends have emerged that informed how we designed our StackRox Kubernetes Security Platform to support compliance. We love how one customer reacted to our new features: StackRox gives us the ability to demonstrate our adherence to HIPAA at all times, helping us avoid audit-induced anxieties.

The runC Vulnerability - A Deep Dive on Protecting Yourself

A vulnerability in runC, which allows an attacker to gain host-level code execution by breaking out of a running container, was discovered and reported by Adam Iwaniuk and Borys Poplawski in early January and published as CVE-2019-5736 on 11 February 2019. This vulnerability is highly significant in that it: enables container isolation breakout with minimal interaction from an authorized host user; typically allows an attacker to obtain root privileges on the host; negatively impacts most container environments because many containers run with default Docker security settings and default user (UID 0); and affects runC, the most commonly used low-level container runtime in Docker and Kubernetes environments.

StackRox is All In on Kubernetes – and It Makes Your Container Security Better

In a news release today, we detailed new capabilities in the latest version of the StackRox Kubernetes Security Platform that enable better visibility, more nuanced risk profiling, and more streamlined network policy enforcement. In every case, these new features derive directly from our deep integrations with Kubernetes. About a year ago, we faced a difficult decision – continue our support of a broad array of orchestrator platforms or narrow our focus to supporting just Kubernetes.

StackRox – Putting the Customer at the Center of Kubernetes Security

When we officially launched the StackRox Kubernetes Security Platform about 18 months ago, we highlighted that microservices, containers, and Kubernetes were the next stage in the evolution of application development in the cloud-native stack. While DevOps embraced microservices and its advantages in delivering unprecedented speed, efficiency, and portability, security teams were frequently left in the dark or brought in a little too late. Today, security teams are proactively working with DevOps to ensure that their organization’s security and compliance requirements are adequately addressed before new apps go live.

Must-Have Capabilities When Evaluating Container Security Solutions

More and more organizations are transforming their businesses by embracing DevOps principles, microservice design patterns, and container and orchestrator technologies such as Docker and Kubernetes. While security teams have the same mission regardless of the technology stack in use – keep the bad guys out and find and stop them if they do break in – the tools and tactics security staff employ must change to accommodate this infrastructure shift.

Top 5 Container and Kubernetes Security Posts of 2018

The year 2018 was a watershed for containers, container security, and Kubernetes. Tesla got hacked, the most critical Kubernetes vulnerability to date was discovered, IBM bought Red Hat for $34 billion (in large part for OpenShift), VMware bought Heptio for more than $500 million, and investors poured money into container technology startups at an ever-increasing pace. The following five blog articles capture and distill the big picture trends in container adoption and Kubernetes security in 2018.

Survey Says … Security Tops the List of Container Strategy Concerns

This week StackRox launched the industry’s first ever State of Container Security report. To compile the findings, we surveyed more than 230 IT leaders across operations and security roles. Some responses came as no surprise – the dominance of Docker and Kubernetes, for example, or the breadth of industries using containers to accelerate application roll out. But many results did surprise us – including the extent to which security leads the list of concerns about companies’ container strategies.

Why We Chose StackRox - Guest Post and Video from Mux

Today we posted the news that we’ve adopted StackRox to secure our environment. I wanted to share a bit about our thought process and results in hopes of helping others like us. Security is difficult to manage at every level of technology development, from building a simple web app to running enormous platforms like the tech giants manage — recent tech headlines just prove this point. Like other early-stage SaaS startups, we here at Mux face the combined challenges of having limited resources, a relatively large technology footprint, and the obvious focus on building strong product features.

StackRox and In-Q-Tel – Building Better Security Together

We’re excited to share the news today that we’ve entered into a technology development and strategic investment agreement with In-Q-Tel (IQT). For nearly 20 years, IQT has been critical to driving cutting-edge technology into the U.S. Intelligence Community. The not-for-profit investor identifies innovative security startups and connects them with U.S. government agencies chartered with keeping the United States safe. In choosing to partner with StackRox, IQT has signaled the criticality of containers in driving application innovation today and the advanced security StackRox provides for these environments.

Google Next Talk: Kubernetes Security Threats and Solutions

We were pleased to present at Google Cloud Next 2018 at the request of Allan Naim, a Kubernetes Engine product manager at Google. In our talk, we highlighted reference architectures for container security and technical demos of attack vectors in the ecosystem. Our talk centered around architectures for FinTech companies running on Google Kubernetes Engine (GKE), but anyone running containers and Kubernetes can leverage the findings we’ll review here. Allan started the discussion with an overview of the Google Cloud products that retail and financial services businesses can use to build rich, tailored, easy-to-operate solutions for their customers.

Gartner’s Top 10 Security Projects – Part II

We’re picking up our coverage of Gartner’s security conference with a continued discussion of the Top 10 Security Projects Gartner recommends you do this year, in prioritized order. In Part I of the discussion, we highlighted Privileged Account Management, CARTA-inspired Vulnerability Management, and Active Anti Phishing. Neil continued his list by highlighting the need for protections like StackRox provides. #4 – Application Control on Server Workloads For this project, Neil emphasized the need to reduce the attack surface and limit certain functions from running on servers.

Gartner on the Top 10 Security Projects for the Year

We’ve been highlighting a number of the talks at Gartner’s security conference last month, including on the value of shifting right with security, risk-prioritized vulnerability guidance, and the principles of continuous security. In this recap, we’ll profile Neil MacDonald’s presentation on the Top 10 Security Projects you should undertake this year. He led off the talk acknowledging we’re never “done” in security, and that it’s futile to try to build perfect security.

Check us Out at Google Next

We’ve enjoyed a great partnership with Google, with our StackRox Kubernetes Security Platform enhancing the security capabilities of Google Cloud Platform. We were honored when the folks at GCP asked us to speak at the Next conference on security reference architectures. During his talk on Wednesday, July 25, our head of products, Wei Lien Dang, will highlight three customers – a Fortune 100 bank, a Fortune 50 financial services firm, and a Global 200 e-commerce company.