Mountain View, CA, USA
Mar 4, 2021   |  By Michael Foster
StackRox is continuing to shape the future of Kubernetes by enabling customers to build, deploy and run cloud-native applications at scale securely. In recent months, we have released several new, important features covered in this post, focusing on enhanced detection capabilities and simplified administrative workflows.
Mar 2, 2021   |  By Michael Foster
When containers first broke onto the scene, it was immediately apparent that it was a disruptive technology. What was not clear was how containers were going to be scaled and orchestrated effectively. In the early days, the container orchestration competition was intense, with applications such as Docker Swarm, Apache Mesos, and Kubernetes aiming to address this issue. However, in the last six years, Kubernetes has differentiated itself and pulled away as the clear container orchestration choice.
Mar 2, 2021   |  By Michael Foster
Kubernetes namespaces are a central part of how we structure, deploy, and manage containers today. However, namespaces are not a new concept; in fact, Linux namespaces were introduced in 2002 and designed to separate and group individual processes and capabilities. So how did the idea grow to be used in the robust fashion it is used today? This blog will review;
Feb 19, 2021   |  By Wei Lien Dang
The rapid emergence of modern software development initiatives, public cloud services, and cloud-native tools such as Kubernetes and containers has accelerated the seminal move towards DevOps practices.
Feb 12, 2021   |  By Michael Foster
DevOps, DevSecOps, shift-left, security posture, cloud native, etc. Chances are you’ve heard these terms or similar buzzwords when discussing modern application development life cycles. These new industry words can be beneficial – by providing a framework that explains complex processes – or harmful through misuse or overuse. Whether misuse is intentional or not, a buzzword can convey a context that the user doesn’t truly represent.
Feb 4, 2021   |  By Michael Foster
The KubeLinter is an open-source command-line interface to identify misconfigurations in Kubernetes objects. KubeLinter offers the ability to integrate checks on Kubernetes YAML files and Helm charts before deployment into a Kubernetes cluster. With 19 standard built-in checks and the room to configure your own, you get immediate feedback about misconfigurations and Kubernetes security violations.
Jan 25, 2021   |  By Michael Foster
This is the last installment in our four-part RKE security blog series. Don’t forget to get caught up on everything you missed!
Jan 22, 2021   |  By Michael Foster
This is the third installment in our four-part RKE security blog series. Don’t forget to follow along to our upcoming posts and get caught up on everything you missed!
Jan 21, 2021   |  By Michael Foster
This is the second installment in our four-part RKE security blog series. Don’t forget to follow along to our upcoming posts in the series.
Jan 20, 2021   |  By Michael Foster
This is the first installment in our four-part RKE security blog series. Don’t forget to follow along to our upcoming posts in the series.
May 30, 2020   |  By StackRox
Speaker: Andy Clemenko, Solutions Engineer, StackRox
Apr 6, 2020   |  By StackRox
Learn about the best practices and recommended approaches to implementing a successful DevSecOps program
Mar 18, 2020   |  By StackRox
George Gerchow, chief security officer at Sumo Logic, talks about applying security early in the app dev process and how leveraging the Kubernetes-native architecture of StackRox fits perfectly into that mandate.
Feb 25, 2020   |  By StackRox
In this StackRox video, Karen Bruner takes a wide-ranging look at the current features and limitations of the managed Kubernetes services from the three largest cloud service providers: Amazon’s Elastic Kubernetes Service (EKS), Microsoft’s Azure Kubernetes Service (AKS), and Google Kubernetes Engine (GKE). We hope that by presenting this information side-by-side, both current Kubernetes users and prospective adopters can see their options or get an overview of the current state of managed Kubernetes.
Feb 25, 2020   |  By StackRox
The recent Kubernetes security audit and the issues it identified got lots of publicity. But did you know that the audit reports also include many recommendations you can apply today to improve your security posture?
Feb 25, 2020   |  By StackRox
Join us to get your questions answered on how to improve security and reduce your blast radius while increasing velocity in cloud-native environments.
Feb 25, 2020   |  By StackRox
We take a deep-dive into how to implement best-in-class security for your EKS clusters and workloads, including:
    , Using and building secure container images , Best practices for AWS VPC design and workload AWS IAM controls , Controlling cluster access with authentication and RBAC , Network security options and workload security using security policies and namespaces , Monitoring cluster security
Feb 25, 2020   |  By StackRox
For many DevOps teams, Kubernetes has become an enterprise IT mandate, but like previous waves of infrastructure change, Kubernetes security best practices must be followed throughout the container life cycle.
Feb 25, 2020   |  By StackRox

In this webinar, you’ll learn:

  • The top security and privacy challenges confronting cloud-native enterprise stacks.
  • Why a focus on Kubernetes-native security is crucial to securing containers.
  • Ways to leverage Kubernetes-based security to simplify compliance, operations and triage.
Feb 10, 2020   |  By StackRox
Download to learn about: Key Kubernetes security considerations you must be aware of, Operationalizing built-in Kubernetes security features (RBAC, admission controllers, network policies), Security best practices for building/deploying containers as well as protecting your containerized apps during runtime, and How StackRox helps customer secure their containers and Kubernetes across build, deploy, and runtime phases.
Mar 3, 2019   |  By StackRox
Download our definitive guide to implementing a container security strategy across the application development life cycle.
Mar 1, 2019   |  By StackRox
Download this guide to learn about the container security challenges to complying with PCI DSS and how StackRox helps bring your container environment into compliance with PCI DSS.
Feb 1, 2019   |  By StackRox
The State of Container Security report was written to understand how container and Kubernetes adoption trends intersected with security concerns.
Jan 1, 2019   |  By StackRox
If you run workloads in Kubernetes, you know how much important data is accessible through the Kubernetes API-from details of deployments to persistent storage configurations to secrets. The Kubernetes community has delivered a number of impactful security features in 2017 and 2018, including Role-Based Access Control (RBAC) for the Kubernetes API.
Dec 1, 2018   |  By StackRox
Download our security toolkit for valuable tips and practical suggestions on how to harden containers and hosts as a first step toward a more secure container environment.
Nov 1, 2018   |  By StackRox
Containers have generated plenty of fear, uncertainty, and doubt in the blogosphere about what's needed to secure them. They are ephemeral, they are too numerous to count, they talk to each other (East-West) more than they communicate with the outside World (NorthSouth), and they are typically part of a fast-moving continuous integration/continuous deployment (CI/CD) freight train.
Oct 1, 2018   |  By StackRox
Download to learn about the 9 security settings that you should check immediately to help ensure your Kubernetes environment is secure
Sep 1, 2018   |  By StackRox
As you evolve your security strategy and seek out new solutions to protect your application container environments, consider these 5 essential aspects to ensure the most effective threat protection, along with minimal DevOps toolchain friction and improved security management.

The StackRox Kubernetes Security Platform protects your applications across the entire container life cycle. The software discovers your full container environment, ensures assets adhere to your security policies, and identifies and stops malicious actors. Continuously improving security – that’s StackRox.

Containers offer intrinsic security benefits but at the same time increase the attack surface. The StackRox Kubernetes Security Platform maximizes the inherent security advantages of containers – immutability and declarative configuration – to help you harden your container environment. Our software integrates with tooling across the container ecosystem to provide the industry’s best risk profiling, highlighting those assets that need an immediate fix.

Why Customers Choose StackRox?

  • Reduce your Attack Surface: StackRox enforces service-centric deployment policies on vulnerabilities and configurations in your images and orchestrator settings to mandate fixes during the build phase. The StackRox software can block services from deploying if they violate critical policies. You can also set the StackRox software to allow services with non-critical risks to deploy, but immediately issue notifications to your dev teams with remediation suggestions and instructions. Finally – you can run fast AND run safe.
  • Profile Runtime Risk: StackRox prioritizes the most critical security issues to address. The StackRox software provides this risk profiling by tapping into a broad set of factors, including orchestrator settings, network policies, secrets usage, container configuration, and other metrics. StackRox provides an automated means to profile and monitor your highest-risk assets during runtime, automatically elevating those assets with potential signs of attacker activity to the top of your queue. Finally – a pragmatic, context-based approach to managing your security program.
  • Detect and Respond: StackRox leverages continuous machine learning to adapt its understanding of your application environment. Constantly tuning its settings, the StackRox software minimizes false positives and false negatives. You can also set response options, including alerts and killing containers, to meet your needs. Finally – detection that adapts to the dynamic world of containers.

Security Across Your Entire Container Life Cycle.