Container security vendor StackRox announced new Kubernetes capabilities for their container security platform. The new features deepen the Kubernetes integrations with the software. The updated platform provides a deployment-centric view of the container system and context-based risk analysis. These features work with the capabilities of Kubernetes to enforce container security at any scale. StackRox has previously supported multiple different container systems, but are now shifting more focus on Kubernetes exclusively.
We reached out to Wei Lien Dang, VP of Product for StackRox, for his perspective on Kubernetes security and the benefits of a deployment-centric view for security teams. “When you take a deployment-centric view, the security and DevOps teams are aligned – they are looking at the same info, embedding security in the same infrastructure, and applying controls consistently across the environment. Without this view, security could apply a security control separate from how DevOps is running the infrastructure, and their policies will not align and will not be consistently enforced.”
Google’s Kubernetes orchestrates container deployment, scaling, and management by use of automated systems. Many MSPs, including Google Cloud, AWS, and Microsoft Azure support Kubernetes services. While these MSPs provide security systems for Kubernetes containers, companies like StackRox implement tools that monitor container communication to reduce the risk of attacks.
“Kubernetes is designed as developer’s tools,” Dang said. “As a result, it defaults to allowing open communications amongst all assets so that developers can write code fast and know that all the parts of their application can communicate with each other. Security teams need to look for ways to tighten down that “default allow” communication path so penetration in one area does not grant broader access across the environment.”
StackRox’s Container Security Platform displays a view of container systems that both DevOps and security teams can understand. It monitors for potential risks and responds based on the level of threat they pose. CSO named them one of the 26 best security software of 2019. They were also listed as one of CRN’s 10 Hottest Container Startups of 2018.
Check us out on Twitter for the latest in Enterprise Cloud news and developments!