Only StackRox combines rules, whitelists, baselines, and behavioral modeling to identify threats at runtime in your container environments.
Rules and whitelists
StackRox supports out-of-the-box and custom policies that allow or disallow specific traffic types. These capabilities prevent threats while minimizing noise and alert fatigue.
Real-time threat monitoring
StackRox monitors process execution, network connections and flows, privilege escalation, and files launched to identify threats in real time. The StackRox platform lets you alert on or block such threats.
StackRox supports out-of-the-box and custom policies that let you apply controls at build, deploy, or runtime. You can set which phase each policy applies to and which enforcement action to take, for example failing a build, scaling a service to zero, or killing a pod. StackRox accelerates forensic investigations by stitching together related events to help you focus on the most relevant information.
Powering the feedback loop
StackRox provides the only container security platform that takes information from the build and deploy phases of the container life cycle to influence runtime protections and vice versa. As a result, the StackRox platform constantly tunes itself, providing continuous hardening in your environment.
StackRox alerted on a new critical risk. It had just started two minutes earlier, and it showed a container breakout. We wouldn’t have seen it without StackRox.