Mountain View, CA, USA
Aug 5, 2020   |  By Wei Lien Dang
Part six of our nine-part blog series – where we examine each of the nine MITRE ATT&CK tactics and techniques for Kubernetes – covers Credential Access, a set of activities intended for stealing sensitive credentials such as application secrets, passwords, and tokens that may be used by either users or service accounts.
Aug 5, 2020   |  By Michelle McLean
StackRox is in the midst of our own “Fed ramp” of sorts, with news today that we’ve been awarded a Department of Defense SBIR Phase II Award, our long history with In-Q-Tel and multiple deployments in the U.S. Intelligence Community, and more news coming soon on additional Fed initiatives.
Aug 4, 2020   |  By Wei Lien Dang
In February, we published an article providing a side-by-side comparison of the managed Kubernetes offerings from the three largest cloud providers: Amazon Elastic Kubernetes Service (EKS), Azure Kubernetes Service (AKS), and Google Kubernetes Engine (GKE). The Kubernetes ecosystem changes rapidly, as do the feature sets of these managed platforms. This post covers important updates to these services made since our original comparison and our April, May, June, and July updates.
Jul 29, 2020   |  By Wei Lien Dang
This is part two of our four-part GKE security blog series. Don’t forget to check out our previous blog post that covers security best practices for designing your GKE clusters. Securing your GKE cluster’s network traffic and access is crucial for the entire cluster’s security and operation. Follow the below recommendations and best practices to protect your Kubernetes network on GKE.
Jul 27, 2020   |  By Wei Lien Dang
The fifth installment in our nine-part blog series – where we examine each of the nine MITRE ATT&CK tactics and techniques for Kubernetes – covers Defense Evasion, a grouping of techniques focused on concealing adversary actions intended to avoid detection. This includes tactics such as deleting evidence of an attacker’s presence or obfuscating how access to a resource was gained.
May 30, 2020   |  By StackRox
Speaker: Andy Clemenko, Solutions Engineer, StackRox
Apr 6, 2020   |  By StackRox
Learn about the best practices and recommended approaches to implementing a successful DevSecOps program
Mar 18, 2020   |  By StackRox
George Gerchow, chief security officer at Sumo Logic, talks about applying security early in the app dev process and how leveraging the Kubernetes-native architecture of StackRox fits perfectly into that mandate.
Feb 25, 2020   |  By StackRox
In this StackRox video, Karen Bruner takes a wide-ranging look at the current features and limitations of the managed Kubernetes services from the three largest cloud service providers: Amazon’s Elastic Kubernetes Service (EKS), Microsoft’s Azure Kubernetes Service (AKS), and Google Kubernetes Engine (GKE). We hope that by presenting this information side-by-side, both current Kubernetes users and prospective adopters can see their options or get an overview of the current state of managed Kubernetes.
Feb 10, 2020   |  By StackRox
Download to learn about: Key Kubernetes security considerations you must be aware of, Operationalizing built-in Kubernetes security features (RBAC, admission controllers, network policies), Security best practices for building/deploying containers as well as protecting your containerized apps during runtime, and How StackRox helps customer secure their containers and Kubernetes across build, deploy, and runtime phases.
Mar 3, 2019   |  By StackRox
Download our definitive guide to implementing a container security strategy across the application development life cycle.
Mar 1, 2019   |  By StackRox
Download this guide to learn about the container security challenges to complying with PCI DSS and how StackRox helps bring your container environment into compliance with PCI DSS.
Feb 1, 2019   |  By StackRox
The State of Container Security report was written to understand how container and Kubernetes adoption trends intersected with security concerns.
Jan 1, 2019   |  By StackRox
If you run workloads in Kubernetes, you know how much important data is accessible through the Kubernetes API-from details of deployments to persistent storage configurations to secrets. The Kubernetes community has delivered a number of impactful security features in 2017 and 2018, including Role-Based Access Control (RBAC) for the Kubernetes API.

The StackRox Kubernetes Security Platform protects your applications across the entire container life cycle. The software discovers your full container environment, ensures assets adhere to your security policies, and identifies and stops malicious actors. Continuously improving security – that’s StackRox.

Containers offer intrinsic security benefits but at the same time increase the attack surface. The StackRox Kubernetes Security Platform maximizes the inherent security advantages of containers – immutability and declarative configuration – to help you harden your container environment. Our software integrates with tooling across the container ecosystem to provide the industry’s best risk profiling, highlighting those assets that need an immediate fix.

Why Customers Choose StackRox?

  • Reduce your Attack Surface: StackRox enforces service-centric deployment policies on vulnerabilities and configurations in your images and orchestrator settings to mandate fixes during the build phase. The StackRox software can block services from deploying if they violate critical policies. You can also set the StackRox software to allow services with non-critical risks to deploy, but immediately issue notifications to your dev teams with remediation suggestions and instructions. Finally – you can run fast AND run safe.
  • Profile Runtime Risk: StackRox prioritizes the most critical security issues to address. The StackRox software provides this risk profiling by tapping into a broad set of factors, including orchestrator settings, network policies, secrets usage, container configuration, and other metrics. StackRox provides an automated means to profile and monitor your highest-risk assets during runtime, automatically elevating those assets with potential signs of attacker activity to the top of your queue. Finally – a pragmatic, context-based approach to managing your security program.
  • Detect and Respond: StackRox leverages continuous machine learning to adapt its understanding of your application environment. Constantly tuning its settings, the StackRox software minimizes false positives and false negatives. You can also set response options, including alerts and killing containers, to meet your needs. Finally – detection that adapts to the dynamic world of containers.

Security Across Your Entire Container Life Cycle.