Posts under Kubernetes
StackRox is continuing to shape the future of Kubernetes by enabling customers to build, deploy and run cloud-native applications at scale securely. In recent months, we have released several new, important features covered in this post, focusing on enhanced detection capabilities and simplified administrative workflows. This focus drove new protections for the Kubernetes API server, additional context for the Network Graph, support for the syslog protocol, and a simplified Helm chart installation and upgrade process.
Chris Porter, Director of Solutions Engineering at StackRox, recently joined Cloud Economist Corey Quinn on ‘Screaming in the Cloud’ for a chat about eliminating security risks in Kubernetes. You can listen to the conversation in the podcast episode below, or you can read through the transcript that follows, condensed and modified for clarity. Corey Quinn: Welcome to Screaming in the Cloud. I’m Corey Quinn. I’m joined on this promoted episode by Chris Porter, Director of Solutions Engineering over at StackRox.
As we close another inspirational KubeCon and look ahead to future gatherings, let’s also pause to reflect on the accomplishments we’ve achieved together as members of the cloud-native community. For most of us, 2020 was one of the most challenging periods in our personal and professional lives. Most of us experienced unprecedented stress and anxiety as our lives were altered by the pandemic. Some of us experienced far worse – severe illness or grief over the loss of loved ones.
AppSec Has Changed
Application security has matured, transformed, “shifted left”, been rebranded, de-centralised and even to an extent re-centralised over the past 10 years. Keeping up with what is relevant, with a keen eye on what is coming, is a juggling act of Cirque du Soleil proportions and something that even the keenly enthused must work above and beyond to get a firm yet perpetually slippery grasp on.
The Catalyst
Kubernetes won the orchestration battle – so decisively that just last year (2019) Kelsey Hightower was elucidating his not-so-distant vision of a world where it was so ubiquitous, we no longer considered it.
Today, I’m excited to announce the launch of KubeLinter, a new open source project from StackRox! KubeLinter analyzes Kubernetes YAML files and Helm charts, and checks them against a variety of best practices, with a focus on production readiness and security. Scroll down to watch a video overview of KubeLinter. KubeLinter was born out of a pain point that we know only too well at StackRox, both from our internal clusters, and from listening to our customers: configuring Kubernetes applications is hard!
Several years ago, few would have thought that a government agency would be at the forefront of application development tooling and processes, daring the civilian world to keep up with their shift-left know-how. But that’s exactly what’s happening in the U.S. Department of Defense, which is implementing the Enterprise DevSecOps Initiative to enable agencies to increase the warfighter’s competitive advantage by developing applications more rapidly and securely. As StackRox found in our recent survey, 83% of organizations currently have a DevSecOps initiative, and the DoD is leading the charge.
We were already having a great day yesterday – responding to all the congratulations messages on our funding, our huge 240% increase in revenue, and our customer momentum – when news hit that we were named amongst that select group of SINET 16 Innovator Award winners. Wow. The tally of security vendors hovers around 2500, and we’re called out as one of the 16 most innovative across that entire landscape. This recognition is just one more indicator of the power of our unique approach to securing cloud-native infrastructure.
Today we’re excited to announce our $26.5M round of funding led by Menlo Ventures, with participation from Highland Capital Partners and Hewlett-Packard Enterprise along with existing investors Redpoint Ventures and Sequoia Capital. The influx of capital will enable us to meet rapidly growing demand driven by two of the biggest trends in IT and Security — Kubernetes and DevSecOps — and deliver on our vision to enable organizations to securely build, deploy, and run cloud-native applications anywhere.
I’ve had the good fortune to get to know Pathik Patel, head of cloud security at Informatica, over the past 18 months since he became a StackRox customer, and today we’re sharing the news of our joint success story. Across our numerous conversations, he has repeatedly impressed me with his forward thinking on how to innovate security processes, approaches, and tooling to keep Informatica at the forefront of securely enabling sophisticated data management, detailed in this case study.
What’s better than being named a Computer Reseller News Emerging Vendor? Winning that designation two years running! We’re thrilled to be included amongst these elite technical innovators. The advantages of our unique Kubernetes-native approach to securing today’s modern apps are earning us kudos across customers (see online reviews on Gartner Peer Insights and G2), cloud partners, resellers, and industry watchers. As companies of all stripes work to accelerate their digital transformation, resellers have a special opportunity to serve as trusted advisors on the path toward app modernization.
When you’re managing the distribution of people’s paychecks, you’ve got a high bar to meet on security. So for Namely, whose SaaS application supports payroll, people management, compliance and tax, and team collaboration for hundreds of thousands of users, security has been a priority from Day 1. The move to a microservices architecture, however, drove the need for a whole new approach to security. Namely’s flagship SaaS platform uses hundreds of services that are constantly being released and updated, so the company standardized on Kubernetes to scale and operationalize infrastructure management.
You learn from every customer, but some of the toughest requirements can come from our Intelligence Community customers. Occasionally, that group needs capabilities uniquely their own, but in the best of times, they push you in ways that benefit all your customers. Our recent developments in runtime security fall in that second camp, and we’re excited to announce their availability today. We collaborated with our IC customers along with some of our biggest enterprise customers to enhance our platform with new features that help streamline analysis, investigation, and response for runtime security events.
Being based in one of the more impacted COVID-19 areas in the U.S. - Silicon Valley - we at StackRox, like many other companies, are entering our third week with employees working from home. Many members of our team are supporting at-home learning for their children as well. Family and health come first – always. We are committed to offering our employees the flexibility and understanding that they need to take care of their families – without any additional stress or worry.
I’ve always said the best part of my job is talking to customers – especially happy customers! – and I got that chance a couple weeks ago in interviewing George Gerchow, the chief security officer at Sumo Logic. George is one of those “no BS, move fast, lead by serving, and do it all with a smile” guys. And he’s unflinching about the criticality of security to the company he serves.
Today we shared the news that StackRox supports the Anthos platform, extending the reach of our hybrid and multicloud security approach. Anthos and the StackRox Kubernetes Security Platform share a lot of common principles in delivering consistency across different environments – enabling both the infrastructure itself as well as the security policies and controls to bridge these worlds makes for a powerful combination. Hybrid and multicloud adoption are on the rise, as demonstrated in StackRox research and other reports.
StackRox has pioneered Kubernetes-native container security, bringing rich context and infrastructure-native enforcement to protecting Kubernetes and containers across build, deploy, and runtime. We recognize the importance of getting critical alerts about this cloud-native stack to the right team, at the right moment – by integrating with PagerDuty, we broadened the choices on how to do so. To effectively protect the cloud-native stack, DevOps and security teams must be able to operationalize the security technologies designed to protect this new infrastructure.