StackRox announced a new release of its Container Security Platform. It is an integrated solution for container security that incorporates a feedback loop between the different phases of the container life cycle. This functionality uses threat information detected at runtime to inform risk scoring and policy enforcement as containers are built and deployed, resulting in actionable insights with greater context.
The release helps customers catch potential security issues based on observed application behavior at runtime and extends its policy management capabilities to the additional attack surfaces introduced by orchestration systems themselves.
The update also includes capabilities that help customers reduce the attack surface during the build and deploy phase of the container life cycle.
“The StackRox Container Security Platform’s integrated approach streamlines decision making and fosters collaboration between security and DevOps,” said Wei Lien Dang, StackRox’s vice president of product.
“Because our platform has a feedback loop that ties together capabilities across different phases of the container life cycle – as opposed to providing functionality on a standalone basis – it provides customers with an unmatched level of security against emerging container-based threats. It eliminates entire workflows that security operators would typically have to go through.”
The platform lets customers configure the integration with just a couple of clicks; as a result, security operators spend less time hunting for security issues and interpreting how threat activity could affect other parts of their container environment. This approach adapts to an enterprise’s ongoing and evolving security posture and is built for the speed and volume of data generated in container environments, so that customers don’t miss anything.
“Cloud-native development demands a new security approach, one that works across the full container life cycle,” said Diogo Mónica, former security lead at Docker. “Building in an automated, continuously running feedback loop between the development and operations phases increases the overall security posture and improves the efficiency of security teams.”
To augment security throughout the container life cycle, the StackRox Container Security Platform supports vulnerability scanning and policy enforcement for network segmentation and secrets.
Specific to orchestrator-based threats, the platform evaluates configurations of security capabilities native to the orchestrator itself, such as role-based access controls, network policies and secrets in Kubernetes. If an attacker uses tools to conduct reconnaissance and scanning within the container environment or exploits orchestrator misconfigurations, the StackRox Container Security Platform will detect that activity.
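The kind of configuration evaluation described above can be illustrated with a small static check over Kubernetes RBAC and NetworkPolicy objects. This is an added example, not StackRox code: the manifests are constructed for the demo, the check names and thresholds are hypothetical, and only the field names follow the standard `rbac.authorization.k8s.io/v1` and `networking.k8s.io/v1` schemas. It flags roles that grant wildcard or secret-reading permissions and namespaces that lack a namespace-wide default-deny policy.

```python
"""Static review of Kubernetes RBAC and NetworkPolicy objects (added example, not StackRox code)."""

ESCALATION_VERBS = {"escalate", "bind", "impersonate"}      # RBAC verbs that let a subject widen its own rights
READ_VERBS = {"get", "list", "watch", "*"}
EXEC_RESOURCES = {"pods/exec", "pods/attach", "pods/portforward"}


def rbac_findings(role):
    """Return human-readable findings for one Role or ClusterRole dict (check names are hypothetical)."""
    findings = []
    name = role["metadata"]["name"]
    for rule in role.get("rules", []):
        verbs = set(rule.get("verbs", []))
        resources = set(rule.get("resources", []))
        if "*" in verbs and "*" in resources:
            findings.append(f"{name}: '*' verbs on '*' resources (cluster-admin equivalent)")
            continue
        if "*" in verbs or "*" in resources:
            findings.append(f"{name}: wildcard in verbs={sorted(verbs)} resources={sorted(resources)}")
        if "secrets" in resources and verbs & READ_VERBS:
            findings.append(f"{name}: can read secrets with {sorted(verbs & READ_VERBS)}")
        if resources & EXEC_RESOURCES and verbs & {"create", "*"}:
            findings.append(f"{name}: interactive pod access via {sorted(resources & EXEC_RESOURCES)}")
        if verbs & ESCALATION_VERBS:
            findings.append(f"{name}: privilege-escalation verbs {sorted(verbs & ESCALATION_VERBS)}")
    return findings


def namespaces_without_default_deny(policies, namespaces, direction="Ingress"):
    """Namespaces from `namespaces` that have no namespace-wide deny for `direction`.

    A default-deny policy selects every pod (empty podSelector), lists the
    direction in policyTypes, and carries no allow rules for that direction.
    """
    covered = set()
    for pol in policies:
        spec = pol.get("spec", {})
        if spec.get("podSelector", {}) != {}:
            continue  # applies only to a subset of pods, so it is not a namespace default
        # Kubernetes defaults policyTypes to Ingress, plus Egress when egress rules are present.
        types = spec.get("policyTypes") or (["Ingress", "Egress"] if "egress" in spec else ["Ingress"])
        if direction in types and not spec.get(direction.lower()):
            covered.add(pol["metadata"].get("namespace", "default"))
    return sorted(set(namespaces) - covered)


# --- constructed sample manifests (not from any real cluster) ---
CI_DEPLOYER = {
    "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole",
    "metadata": {"name": "ci-deployer"},
    "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}],
}
APP_READER = {
    "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "Role",
    "metadata": {"name": "app-reader", "namespace": "payments"},
    "rules": [{"apiGroups": [""], "resources": ["pods", "secrets"], "verbs": ["get", "list"]}],
}
CONFIG_READER = {
    "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "Role",
    "metadata": {"name": "configmap-reader", "namespace": "payments"},
    "rules": [{"apiGroups": [""], "resources": ["configmaps"], "verbs": ["get", "list", "watch"]}],
}
DEFAULT_DENY_PAYMENTS = {
    "apiVersion": "networking.k8s.io/v1", "kind": "NetworkPolicy",
    "metadata": {"name": "default-deny", "namespace": "payments"},
    "spec": {"podSelector": {}, "policyTypes": ["Ingress", "Egress"]},
}
ALLOW_ALL_DEFAULT = {
    "apiVersion": "networking.k8s.io/v1", "kind": "NetworkPolicy",
    "metadata": {"name": "allow-all-ingress", "namespace": "default"},
    "spec": {"podSelector": {}, "ingress": [{}], "policyTypes": ["Ingress"]},  # [{}] allows everything
}

if __name__ == "__main__":
    for role in (CI_DEPLOYER, APP_READER, CONFIG_READER):
        for line in rbac_findings(role) or [f"{role['metadata']['name']}: ok"]:
            print(line)
    print("no default-deny ingress:",
          namespaces_without_default_deny([DEFAULT_DENY_PAYMENTS, ALLOW_ALL_DEFAULT],
                                          ["payments", "default", "staging"]))
```

The `ALLOW_ALL_DEFAULT` policy is the classic false positive: it also has an empty `podSelector`, but its `ingress: [{}]` rule admits all traffic, which is why the check insists on an empty rule list for the direction rather than just matching on `policyTypes`.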
The release of the StackRox platform adds core detection functionality to expose orchestrator-specific attacks that rely on exploiting certain components within Kubernetes environments, including the kubelet, Kubernetes service endpoints or metadata servers.
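As an added illustration of what runtime detection of the kubelet- and metadata-server-focused activity mentioned above can look like, the following is example code rather than anything from StackRox. It runs over constructed network-flow records from pods; the alert names and the scan threshold are hypothetical, while the kubelet port (10250) and the link-local cloud metadata address (169.254.169.254) are standard, documented values. It raises three defender-side signals: a pod reaching the metadata endpoint, a pod reaching a kubelet port, and one pod touching many distinct ports on a single host, which is the reconnaissance-and-scanning pattern the release describes.

```python
"""Flow-level detection of orchestrator-targeted reconnaissance (added example, not StackRox code)."""
from collections import defaultdict

METADATA_ENDPOINTS = {"169.254.169.254"}   # cloud instance metadata service (link-local address)
KUBELET_PORTS = {10250, 10255}             # kubelet API and legacy read-only port
SCAN_THRESHOLD = 20                        # hypothetical: distinct ports on one host from one pod


def detect_orchestrator_recon(flows, scan_threshold=SCAN_THRESHOLD):
    """Return (alert_name, src_pod, detail) tuples for suspicious pod-originated flows."""
    alerts = []
    ports_seen = defaultdict(set)   # (src_pod, dst_ip) -> distinct destination ports
    for f in flows:
        src, dst, port = f["src_pod"], f["dst_ip"], f["dst_port"]
        ports_seen[(src, dst)].add(port)
        if dst in METADATA_ENDPOINTS:
            alerts.append(("metadata-endpoint-access", src, f"{dst}:{port}"))
        if port in KUBELET_PORTS:
            alerts.append(("kubelet-api-access", src, f"{dst}:{port}"))
    for (src, dst), ports in ports_seen.items():
        if len(ports) >= scan_threshold:
            alerts.append(("port-scan", src, f"{dst} ({len(ports)} distinct ports)"))
    return alerts


def flow(src_pod, dst_ip, dst_port):
    """Build one constructed flow record in the shape detect_orchestrator_recon expects."""
    return {"src_pod": src_pod, "dst_ip": dst_ip, "dst_port": dst_port}


# Constructed sample: a web pod behaving normally and a job pod behaving suspiciously
SAMPLE_FLOWS = [
    flow("shop/web-7d9f", "10.96.0.1", 443),         # kube-apiserver ClusterIP (constructed)
    flow("shop/web-7d9f", "10.96.12.4", 5432),       # database service (constructed)
    flow("batch/report-x1", "169.254.169.254", 80),  # metadata endpoint
    flow("batch/report-x1", "10.0.1.5", 10250),      # a node's kubelet (constructed node IP)
] + [flow("batch/report-x1", "10.0.1.6", p) for p in range(1, 31)]  # 30-port sweep of one host

if __name__ == "__main__":
    for name, src, detail in detect_orchestrator_recon(SAMPLE_FLOWS):
        print(f"{name:25} {src:18} {detail}")
```

In a real deployment the flow records would come from the CNI, a sidecar or a kernel-level collector, and the metadata and kubelet signals would normally be cross-checked against the pod's NetworkPolicy and service account to separate legitimate node agents from workloads that have no reason to make those calls.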
Recently, several examples of orchestrator-related attacks have been published, including a compromise of Tesla’s Kubernetes infrastructure that allowed attackers to mine cryptocurrency and a report detailing how an attacker could have compromised Shopify’s Kubernetes clusters. The StackRox release protects against these types of threats by default.
This upgraded version of the StackRox Container Security Platform will be generally available this month.