StackRox Kubernetes Security Platform 3.0 Introduces Advanced Features and New Workflows for Configuration and Vulnerability Management

MOUNTAIN VIEW, Calif., Nov. 13, 2019 /PRNewswire/ -- StackRox, the leader in security for containers and Kubernetes, today announced version 3.0 of the StackRox Kubernetes Security Platform. The latest release incorporates industry-first features for configuration management and vulnerability management that enable businesses to achieve stronger protection of cloud-native, containerized applications. StackRox now makes it easier to discover and understand vulnerabilities across Kubernetes environments, identify insecure configurations across applications and infrastructure, and integrate with additional ecosystem platforms.

"Mitigating the growing threat of Kubernetes vulnerabilities and avoiding misconfigurations are major priorities for cloud-native organizations like ours," said Maxx Lobo, CTO of Ask Media Group, a StackRox customer. "The new workflows from StackRox enable our teams to automatically identify and address these risks, so that we can be smarter about how to focus our time and resources when it comes to securing our Kubernetes applications. StackRox allows us to keep moving fast on our digital transformation initiatives while improving our security."

StackRox is the first security solution to provide dedicated dashboards and workflows for Kubernetes configuration management that help reduce misconfigurations, thereby reducing risk.

    --  Interactive dashboards - StackRox enables users to view risk-prioritized
        misconfigurations, easily drill down to critical information about where
        misconfigurations exist, determine relevant context required for
        effective remediation, and speed collaboration between security and
        DevOps teams.
    --  Kubernetes role-based access control (RBAC) assessment - StackRox
        continuously monitors permissions for users and service accounts to help
        mitigate against excessive privileges being granted - a source of
        potential exploits of various threat vectors - as well as identify
        potential misconfigurations and inform risk analysis.
    --  Kubernetes secrets access monitoring - StackRox discovers secrets in
        Kubernetes and monitors which deployments can use them to ensure
        unnecessary access can be limited.
    --  Kubernetes-specific policy enforcement - StackRox identifies
        configurations in Kubernetes related to network exposures, privileged
        containers, processes running as root, compliance with industry
        standards, and other factors to determine policy violations.

In addition to configuration management, StackRox is also introducing advanced vulnerability management capabilities, including:

    --  Interactive dashboards - StackRox provides interactive views that
        provide risk-prioritized snapshots across your environment, highlighting
        vulnerabilities in both images and Kubernetes.
    --  Discovery of Kubernetes vulnerabilities - StackRox provides visibility
        into critical vulnerabilities that exist in the Kubernetes platform
        itself, including those related to the Kubernetes API server that have
        been disclosed by the Kubernetes product security team, in the recent
        security audit, and via other channels.
    --  Language-specific vulnerabilities - StackRox scans container images for
        additional vulnerabilities that are language-dependent, providing
        greater coverage across containerized applications.

Along with the new feature set for configuration management and vulnerability management, the latest release of the StackRox Kubernetes Security Platform also adds support for the following ecosystem platforms:

    --  CRI-O container runtime - StackRox supports CRI-O, a lightweight runtime
        optimized for Kubernetes that is an Open Container Initiative
        (OCI)-compliant implementation of the Kubernetes Container Runtime
        Interface. CRI-O is a Cloud Native Computing Foundation (CNCF)
        incubation-level hosted project.
    --  Kubernetes on Distributed Cloud Operating System (DC/OS) - StackRox
        supports using Kubernetes on the DC/OS platform, developed and
        maintained by D2iQ (formerly Mesosphere).
    --  Microsoft Teams integration - StackRox natively integrates with
        Microsoft Teams to deliver security alerts and violation data directly
        to the right resource owners across security and DevOps.

"When it comes to Kubernetes security, new challenges related to vulnerabilities and misconfigurations continue to emerge," said Wei Lien Dang, vice president of product and co-founder, StackRox. "DevOps and Security teams need solutions that quickly and easily solve these issues. StackRox 3.0 is the first container security platform with the capabilities orgs need to effectively deal with Kubernetes configurations and vulnerabilities, so they can reduce risk to what matters most - their applications and their customer's data."

StackRox has made all these capabilities immediately available in this latest major update to its StackRox Kubernetes Security Platform. The company will be highlighting these recent product additions at KubeCon next week.

Additional Resources:
Kubernetes Security 101
Docker Security 101
Kubernetes Configuration Best Practices

KubeCon 2019
As a Platinum Sponsor of KubeCon 2019, StackRox will be showcasing the latest capabilities of its next generation Kubernetes-native container security platform on-site, at Booth P23, where the company will offer live demos and Q&As. StackRox experts will also be speaking on-site on applying lessons learned from the Kubernetes security audit and using the Istio service mesh with cloud-native applications. The company is sponsoring the KubeCon k8s Rooftop Happy Hour on Monday, November 18, 2019, as well as the Red Hat OpenShift Commons Gathering earlier that day. Get the complete schedule of StackRox events at KubeCon 2019.

About StackRox
StackRox helps enterprises secure their containers and Kubernetes environments at scale. StackRox delivers the industry's first and only Kubernetes-native container security platform that enables security and DevOps teams to operationalize security and compliance policies across the entire container life cycle, from build to deploy to runtime. StackRox customers span cloud-native companies, Global 2000 enterprises, and government agencies. StackRox is privately held, with headquarters in Mountain View, CA. To learn more, visit www.stackrox.com and follow us on Facebook, LinkedIn and Twitter.

Press Contact
Dex Polizzi
Lumina Communications
646-741-8358
stackrox@luminapr.com

View original content to download multimedia:http://www.prnewswire.com/news-releases/stackrox-kubernetes-security-platform-3-0-introduces-advanced-features-and-new-workflows-for-configuration-and-vulnerability-management-300957111.html

SOURCE StackRox