Only StackRox identifies misconfigurations across images, containers, clusters, Kubernetes, and network policies, preventing the accidental exposures that put your systems at risk.
Leverage pre-configured policies
StackRox delivers out-of-the-box policies that identify configuration violations related to network exposures, privileged containers, processes running as root, and compliance with industry standards.
Prevent image misconfigurations
Along with scanning images for vulnerabilities, it’s essential to also look for misconfigurations. The StackRox Kubernetes Security Platform assesses image configurations against industry best practices and CIS benchmarks to decrease your security risk before containers are deployed and running. Use StackRox to fail builds that violate best practices or your internal policies.
Detect container misconfigurations
Identify and remediate misconfigurations such as inappropriate access to secrets, heightened privileges, unnecessary Linux capabilities, and excessive network exposure. Beyond identifying these security risks, StackRox also pinpoints configurations that violate DevOps best practices, such as failing to set resource constraints.
Audit and secure Kubernetes RBAC
StackRox analyzes Kubernetes Role-Based Access Control (RBAC) settings to understand user and service account privileges and applies this context to determine misconfigurations and inform risk assessment.
Control access to Kubernetes secrets
StackRox tracks Kubernetes secrets and which deployments use them, enabling you to proactively limit unnecessary access and misuse.
Identify and correct network misconfigurations
The default setup in Kubernetes is to support open communications among all assets. The StackRox platform identifies which communication paths are not needed to support an application and generates updated policies that remove those permissions.
A big problem that StackRox solves for us is understanding how everything’s configured. Kubernetes is a beast, with lots of moving parts, and StackRox shows us where we need to tighten things up.