Posts under Runtime Security
There has never been a better time to be a DevOps engineer. Compared to traditional web stacks, containerization has dramatically streamlined the task of deploying web services such as databases, key/value stores, and servers. Furthermore, container orchestration tools, like Google’s Kubernetes and Docker Swarm, enable organizations to automate the deployment and management of these containerized applications. But the tools that make life easier and more efficient for engineers can also be a gift to an attacker.
In the ninth video in our demo series, we walk you through the third-party enabled integrations that StackRox provides, including integrations with identity providers, role-based access control (RBAC), Security Assertion Markup Language (SAML) providers, notification services like PagerDuty and Slack, and log management solutions.
In the eighth video in our demo series, we’ll take a look at StackRox reports. StackRox gives you summary reports for any period of time to help you get a sense of the risk in your environment. In this video, you can see how we provide a number of preset reports, including an overview summary, alerts by severity, top attacks, policy violations, infected applications and services, top vulnerable services and images, and external infection sources.
Today we are excited to announce a new partnership with Google Cloud Platform (GCP) to jointly deliver end-to-end security across the cloud-native stack for any enterprise. Together, StackRox and Google will accelerate customers’ adoption of secure, containerized application architectures. No company knows more about containers than Google. They have run containers in production for over a decade, and pioneered an ambitious new approach to enterprise computing at scale. Google originated Kubernetes and continues to be its largest contributor in every release, even after more than 58,000 commits.
Last week marked another milestone for the public cloud. I had the opportunity to attend Amazon Web Services (AWS) re:Invent, along with more than 43,000 other attendees who descended on Las Vegas to hear how organizations are using the cloud, learn from more than 1,300 technical sessions, and catch a highly anticipated lineup of product announcements from AWS (an exhaustive list can be found here). AWS re:Invent registration area AWS re:Invent record attendance
In the seventh video in our demo series, we’ll take a look at StackRox machine learning capabilities. StackRox uses five simultaneous machine learning models to continuously capture and analyze millions of signals from your container and microservices environments, delivering insight and intelligence. You can use these powerful models – snapshot them, import and export them – in your distributed environments for good security hygiene and baselining for effective threat detection.
In this sixth video in our demo series, I provide an overview of our StackRox enforcement features. Learn about native StackRox profiles that allow you to prevent and disrupt violations and attacks in your development or production environment. Then, I’ll show you how you can create your own customized enforcement profiles.
In this fourth video of our demo series, I show how our solution gives responders the capabilities to hunt for threats in their environments by looking for malicious indicators. In this video, see how StackRox tracks suspicious events over time and surfaces them if they are used in malicious activity.
The Red Hat OpenShift platform is enabling enterprise organizations to use container technologies such as Docker and Kubernetes to build, deploy, and run applications with unprecedented agility, scale, and speed. In this blog post, I’ll walk through how we’ve integrated StackRox with OpenShift to help our joint customers ensure comprehensive security across their container lifecycle. You can also visit the OpenShift Commons to view a recording of my briefing on this topic from last week, which goes into more details, and provides a live demo of StackRox running with OpenShift.
DockerCon EU 2017 Recap: Security, Kubernetes, and MTA Hej from Copenhagen! I’ve had the privilege of spending the last few days here at an incredible DockerCon EU. With thousands of attendees from hundreds of companies converging on the City of Spires, it’s clear that the Docker community is thriving across the world. Here are some of the highlights we saw this week. Docker Continues to Grow by Leaps & Bounds At his morning keynote, Steve Singh, CEO of Docker, highlighted the state of the Docker ecosystem, with 21 million hosts running Docker and more than 24 billion (!