Posts under Kubernetes
StackRox has pioneered Kubernetes-native container security, bringing rich context and infrastructure-native enforcement to protecting Kubernetes and containers across build, deploy, and runtime. We recognize the importance of getting critical alerts about this cloud-native stack to the right team, at the right moment – by integrating with PagerDuty, we broadened the choices on how to do so. To effectively protect the cloud-native stack, DevOps and security teams must be able to operationalize the security technologies designed to protect this new infrastructure.
Just in time for KubeCon next week, we’re announcing today the 3.0 version of our StackRox Kubernetes Security Platform. We’re really proud of the industry-first capabilities we’re introducing with this upgrade, enabling our customers to better harden their Kubernetes and container environments. Every time we build new functionality into our platform, we keep a relentless focus on the staff responsible for operationalizing container and Kubernetes security. This lens informs everything about how we design new capabilities.
Below is the transcript of the video, condensed and modified for clarity. Some of us are pushing Kubernetes at our organizations and some of us are getting Kubernetes pushed on us at our organizations. This marks a huge paradigm shift in infrastructure, the way that we manage software and applications, and the way that developers deploy their applications. When you think about DevOps, it’s every SREs dream to have developers manage their own applications but that means that they’re pushing code to production and we’re building pipelines for people to quickly develop and push code, and from a security standpoint, that makes me a little scared.
As the container ecosystem has matured, Kubernetes has emerged as the de facto orchestrator for running applications. The advent of declarative and immutable workloads has paved the way for an entirely new operational model for detection and response. The rich set of workload metadata augments and elevates traditional detection approaches. One such detection approach is anomaly detection. Anomaly detection consists of first creating an activity baseline for an application and then measuring future events against that baseline.
Operationalizing container security by integrating with existing DevOps tooling and workflows has long been a design principle in how we’ve built our StackRox Kubernetes Security Platform. Today we’re excited to announce yet another powerful integration to make our customers’ operational lives better – the StackRox App for Sumo Logic. With this integration, joint customers now get rich StackRox insights about Kubernetes and container security incidents directly in the Sumo Logic Continuous Intelligence Platform.
Google Cloud Platform (GCP) provides organizations with a scalable cloud infrastructure solution for building, deploying, and running cloud-native applications. StackRox is proud to announce that the StackRox Kubernetes Security Platform is available for all GCP customers on the GCP marketplace. Joint customers can now easily deploy StackRox from the GCP Marketplace to protect their Kubernetes environments running on GCP, Google Kubernetes Engine (GKE), Cloud Compute Engine (GCE), and Anthos.
This is the first of a three-part blog series reviewing Gartner Security & Risk Management Summit 2019. Don’t forget to read article two titled Gartner on Securing Cloud-Native Apps, and article three titled Gartner: How-To Guide on Securing Containers. After considering nearly two dozen security projects, Gartner analysts included container security on their list of top projects to undertake in 2019 at the Security and Risk Management conference last week.
Wow! We went to the CODiEs awards ceremony last night hoping to come home with a win and came home with two! The StackRox Kubernetes Security Platform won both Best Emerging Technology and Best Network Security Solution! These wins continue a long stream of wins, including Best Emerging Technology from SC Magazine, a Gold Stevie Award, Most Innovative Company in the Cybersecurity Excellence Awards, and a Gold Winner in the Info Security PG Global Excellence Awards – all just this year!
Kubernetes 1.14 is out! As always, we at StackRox are excited to dive in and see what’s new. And this release didn’t disappoint – from major new features and security improvements to small enhancements that simplify the day-to-day life of operators, this update includes a lot to unpack (and a few deprecation warnings to watch out for!). Windows Support is now Stable This feature is the big one: starting with 1.
Today we introduced a slew of new compliance capabilities, including support for NIST, PCI, and HIPAA. As we’ve talked with customers about the functionality they need, a few key trends have emerged that informed how we designed our StackRox Kubernetes Security Platform to support compliance. We love how one customer reacted to our new features: StackRox gives us the ability to demonstrate our adherence to HIPAA at all times, helping us avoid audit-induced anxieties.
In a news release today, we detailed new capabilities in the latest version of the StackRox Kubernetes Security Platform that enable better visibility, more nuanced risk profiling, and more streamlined network policy enforcement. In every case, these new features derive directly from our deep integrations with Kubernetes. About a year ago, we faced a difficult decision – continue our support of a broad array of orchestrator platforms or narrow our focus to supporting just Kubernetes.
The tech industry press has been abuzz this week with news of the first major security hole discovered in Kubernetes, with coverage in ZDNet, The Stack, and TechTarget’s Search IT Operations. Given the prevalence of Kubernetes in organizations’ tech stacks and the fact that it’s the first discovered security flaw, the news is pretty big. Here at StackRox, we were surprised in a couple ways – first, with its scope, and second, that it wasn’t discovered earlier.
This week StackRox launched the industry’s first ever State of Container Security report. To compile the findings, we surveyed more than 230 IT leaders across operations and security roles. Some responses came as no surprise – the dominance of Docker and Kubernetes, for example, or the breadth of industries using containers to accelerate application roll out. But many results did surprise us – including the extent to which security leads the list of concerns about companies’ container strategies.
Today we posted the news that we’ve adopted StackRox to secure our environment. I wanted to share a bit about our thought process and results in hopes of helping others like us. Security is difficult to manage at every level of technology development, from building a simple web app to running enormous platforms like the tech giants manage — recent tech headlines just prove this point. Like other early-stage SaaS startups, we here at Mux face the combined challenges of having limited resources, a relatively large technology footprint, and the obvious focus on building strong product features.
We were pleased to present at Google Cloud Next 2018 at the request of Allan Naim, a Kubernetes Engine product manager at Google. In our talk, we highlighted reference architectures for container security and technical demos of attack vectors in the ecosystem. Our talk centered around architectures for FinTech companies running on Google Kubernetes Engine (GKE), but anyone running containers and Kubernetes can leverage the findings we’ll review here.
We’ve enjoyed a great partnership with Google, with our StackRox Kubernetes Security Platform enhancing the security capabilities of Google Cloud Platform. We were honored when the folks at GCP asked us to speak at the Next conference on security reference architectures. During his talk on Wednesday, July 25, our head of products, Wei Lien Dang, will highlight three customers – a Fortune 100 bank, a Fortune 50 financial services firm, and a Global 200 e-commerce company.