StackRox Announces New Release of Its Container Security Platform

a leader in security for containerized, cloud-native applications, today
announced a new release of its Container Security Platform. It is the
first integrated, full life cycle solution for container security that
incorporates a feedback loop between the different phases of the
container life cycle. This functionality uses threat information
detected at runtime to inform risk scoring and policy enforcement as
containers are built and deployed, resulting in actionable insights with
greater context.

The StackRox Container Security Platform is unique in the marketplace by
providing a feedback loop that leverages runtime data to proactively
identify security risks earlier in the container life cycle. This
software release also marks the first time that a full life cycle
container security platform protects against key orchestrator-based
threats, which have gained prominence due to recent high-profile
compromises. The new release helps customers automatically catch
potential security issues based on observed application behavior at
runtime and extends its policy management capabilities to the additional
attack surfaces introduced by orchestration systems themselves. The
update also includes new capabilities that help customers reduce the
attack surface during the build and deploy phase of the container life

“The StackRox Container Security Platform’s integrated approach
streamlines decision making and fosters collaboration between security
and DevOps,” said Wei Lien Dang, StackRox’s vice president of product.
“Because our platform has a feedback loop that ties together
capabilities across different phases of the container life cycle – as
opposed to providing functionality on a standalone basis – it provides
customers with an unmatched level of security against emerging
container-based threats. It eliminates entire workflows that security
operators would typically have to go through.”

The platform lets customers configure the new integration with just a
couple clicks; as a result, security operators benefit from spending
less time hunting for security issues and having to interpret how threat
activity could potentially impact other parts of their container
environment. This approach is adaptive to an enterprise’s ongoing and
evolving security posture and is built for the speed and volume of data
being generated in container environments so that customers don’t miss

“Cloud-native development demands a new security approach, one that
works across the full container life cycle,” said Diogo Mónica, former
security lead at Docker. “Building in an automated, continuously running
feedback loop between the development and operations phases increases
the overall security posture and improves the efficiency of security

To augment security throughout the container life cycle, the StackRox
Container Security Platform now supports vulnerability scanning and
policy enforcement for network segmentation and secrets.

Specific to orchestrator-based threats, the platform evaluates
configurations of security capabilities native to the orchestrator
itself, such as role-based access controls, network policies and secrets
in Kubernetes. If an attacker uses tools to conduct reconnaissance and
scanning within the container environment or exploits orchestrator
misconfigurations, the StackRox container security platform will detect
that activity.

The new release of the StackRox platform adds core detection
functionality to expose orchestrator-specific attacks that rely on
exploiting certain components within Kubernetes environments, including
the kubelet, Kubernetes service endpoints or metadata servers. Recently
several examples of orchestrator-related attacks have been published,
including a compromise of Tesla’s Kubernetes infrastructure that allowed
attackers to mine cryptocurrency and a report that detailed how an
attacker could have compromised Shopify’s Kubernetes clusters. The new
StackRox release protects against these types of threats by default.

This upgraded version of the StackRox Container Security Platform will
be generally available this month.

About StackRox

StackRox helps enterprises secure their containerized, cloud-native
applications at scale. The StackRox Container Security Platform enables
security teams to discover the full container environment and ensure
they adhere to security policies, and it detects and stops malicious
activity. StackRox customers span Global 2000 enterprises, including in
financial services, technology, and E-Commerce industries, as well as
government agencies. StackRox is privately held and headquartered in
Mountain View, California. To learn more, visit
and follow us on Facebook,
and Twitter.

View source version on

Leave a Comment