Estimated reading time: 2 minutes, 31 seconds

StackRox Updates Platform to Focus on Container Security

StackRox Updates Platform to Focus on Container Security Photo by Victoire Joncheray on Unsplash

StackRox, a leading container and Kubernetes security organization, announced on January 23, 2019 the 2.4 release of its Container Security Platform. The new release allows businesses to quickly manage risks based on context and leverage Kubernetes for scalable policy enforcement. The recent enhancements focus on deployment-centric visibility, multi-factor risk profiling and network policy management.

"There's a ton of great and powerful features being built into Kubernetes and the platform is meant to be hugely extensible, so we've really drawn on that framework to provide some innovative security capabilities aligned to things specific to Kubernetes," said Wei Lien Dang, StackRox Vice President of Products.

An outline of enhancements included in the 2.4 release include:

  1. Deployment-Centric Visibility: The 2.4 release focuses on the deployment and the metadata context around that deployment. It allows DevOps teams to view all deployments and pods across namespaces and clusters to identify misconfigurations and potential vulnerabilities. Kubernetes vulnerabilities are an emerging opportunity for attackers and the improved visibility gives organizations a better context of how a specific vulnerability could be exploited in their environment based on certain conditions.
  2. Multi-Factor Risk Profiling: A feature to identify areas of potential vulnerabilities is part of the 2.4 release. The StackRox Kubernetes integration allows an organization to receive better insight into cluster details, labels, privileges, and secrets to prioritize risks. The platform uses existing information built in via Kubernetes to provide a context for risk assessment beyond vulnerability data.
  3. Network Policy Management: StackRox network enforcement features include the newly added network graph, policy recommendations, and policy simulator. The network graph enables customers to visualize allowed traffic, policy recommendations and simulations. Network Policy Management uses the native controls in Kubernetes to ensure network segmentation is scalable, consistent and portable across all environments.

The StackRox Container Security Platform is deployed as containers using Kubernetes YAML files or Helm Charts. It supports self-managed clusters, managed services like Amazon EKS, Azure AKS and Google GKE. It also supports Kubernetes distributions such as Red Hat OpenShift and Docker Enterprise Edition.

StackRox-network-policies-1.png

StackRox is presently focused on Kubernetes as it becomes a rapidly deployed enterprise technology. Some factors contributing to the rise in popularity include more organizations using containers in production and Kubernetes as a leading orchestration platform.

Presently, there are container security tools available, but they are not being as widely used as they should be. Most organizations are using containers in some capacity for application development. However, most applications are still running on traditional infrastructure. At this point it is safe to say most organizations are still very early on in their adoption of container-focused security platforms and as a result these platforms are not as widespread.

An area in the future that StackRox is focused on is compliance. This will include automated checks for industry and regulator compliance standards. Future plans also include continued improvements to their recommendation engine capabilities, which will automatically help users reduce their Kubernetes risk exposure. In addition, they also plan to support serverless deployments in future releases.

For more information on StackRox's security platform, visit https://www.stackrox.com/platform/ .

Read 8970 times
Rate this item
(0 votes)
Craig Gehrig

Craig Gehrig is a systems administrator with Rainbow Resource Center, an online retailer of educational materials in Peoria, IL. He is also the founder of Vanova IT, a security research and IT solutions provider. In his spare time, he can be found on the golf course and spending time with his wife Vanessa and their two children- Sasha and Craig.

https://twitter.com/CraigGehrig

Visit other PMG Sites: