In 2021, Red Hat acquired StackRox and the first Kubernetes-native security platform with an innovative approach to container security. With the acquisition, Red Hat further expanded its security leadership and reinforced its commitment to deliver a single, holistic, integrated application platform for users to build, deploy, and more securely run nearly any application across the hybrid cloud.
Red Hat has always maintained its commitment to supporting the open source community, and with this news, we’re enabling developer and security teams to deliver more secure applications faster. With Red Hat’s latest open source contribution, customers will be able to solve their Kubernetes security challenges, including:
Shift security left
Operationalizing full life cycle application security in Kubernetes
Overcome the challenges of Kubernetes security
Key use cases for StackRox
StackRox integrates with DevOps and security tools, allowing teams to operationalize and implement security for their supply chain, infrastructure, and workloads.
Supply chain security
Simplify DevOps processes by providing developers with security context in their existing workflows.
Integrate security into your CI/CD pipelines and image registries to provide continuous image scanning and assurance.
Scan images for both operating system (OS)- and language-level vulnerabilities.
Use existing security information and event management (SIEM) tools and notification platforms to facilitate remediation and response.
Harden your organization’s environment to ensure the underlying infrastructure is configured to maintain security.
Prevent configuration drift by compliance checks against CIS benchmarks or custom policies.
Analyze existing rules for role-based access control (RBAC) to prevent insecure access and authorizations.
Connect with the Kubernetes API to watch for high-risk actions like configmap changes or container exec commands.
Prevent high-risk workloads from deploying or running using out-of-the-box deploy-time and runtime policies.
Harden workloads by enforcing network policies that adhere to the principle of least privilege—only providing the access privileges necessary to complete a task.
Use allow-listing and behavioral modeling to detect anomalous application behavior indicative of a threat at runtime.
Monitor known good behavior to configure custom policies and alerts for anomalous and malicious behavior.
StackRox’s Kubernetes-native architecture will enable teams to harden their applications across their cloud and on-premise environments and accomplish this in a transparent, collaborative manner. With the recent breaches and supply chain exploits over the past year, we see StackRox as a way to help communities harden their application and take an end-to-end zero-trust approach to Kubernetes.
The StackRox source code is available on GitHub to use and consume. Please see the GitHub repository for information regarding deploying open source StackRox into your Kubernetes clusters and star and watch it follow along as we simplify and make it easier for you to consume.
We’re pleased to announce the general availability of Red Hat Advanced Cluster Management for Kubernetes 2.7. This release includes many enhancements as a result of the combined effort of our entire ...
Since the inception of OpenShift 4, installer-provisioned-infrastructure clusters have utilised the Machine API to manage worker and infrastructure machines via MachineSet resources. However, while ...