Container Security Maturity Model – Understand your security needs at every stage of the container journey Download eBook
{ .link_text }}
Request Demo Navigation

Configuration Management

Only StackRox identifies misconfigurations across images, containers, clusters, Kubernetes, and network policies, preventing the accidental misconfigurations that put your application performance and security at risk.

Download Solution Brief >

Leverage pre-configured policies

StackRox delivers out-of-the-box policies that identify configuration violations related to network exposures, privileged containers, processes running as root, and compliance with industry standards.

 

Prevent image misconfigurations

Along with scanning images for vulnerabilities, it’s essential to also look for misconfigurations. The StackRox Kubernetes Security Platform assesses image configurations against industry best practices and CIS benchmarks to decrease your security risk before containers are deployed and running. Use StackRox to fail builds that violate best practices or your internal policies.

 

Detect container misconfigurations

Identify and remediate misconfigurations such as inappropriate access to secrets, heightened privileges, unnecessary Linux capabilities, and excessive network exposure. Beyond identifying these security risks, StackRox also pinpoints configurations that violate DevOps best practices, such as failing to set resource constraints.

 

Audit and secure Kubernetes RBAC

StackRox analyzes Kubernetes Role-Based Access Control (RBAC) settings to understand user and service account privileges and applies this context to determine misconfigurations and inform risk assessment.

 

Control access to Kubernetes secrets

StackRox tracks Kubernetes secrets and which deployments use them, enabling you to proactively limit unnecessary access and misuse.

 

Identify and correct network misconfigurations

The default setup in Kubernetes is to support open communications among all assets. The StackRox platform identifies which communication paths are not needed to support an application and generates updated policies that remove those permissions.

 

A big problem that StackRox solves for us is understanding how everything’s configured. Kubernetes is a beast, with lots of moving parts, and StackRox shows us where we need to tighten things up.

Christopher Buckley DevOps Engineer
SportsHub

30 day free trial

See the StackRox Kubernetes Security Platform in action in your environment

Start your trial

Ready to secure your containers?

Our container security experts would love to show you StackRox in action

Request a demo