StackRox Boosts Container Security Platform With Multi-Risk Profiling

The StackRox Container Security Platform 2.4 update includes enhanced capabilities to help organizations better secure Kubernetes cloud-native deployments.

StackRox 2.4

StackRox announced the 2.4 release of its Container Security Platform on Jan. 23, providing organizations with enhanced capabilities to help secure cloud-native Kubernetes environments.

Among the improvements that landed in StackRox Container Security Platform 2. update are multi-factor risk profiling capabilities that deliver insight into potential security issues within Kubernetes clusters. Network policy management gets a boost as well thanks to a network graph feature and a policy simulator that enables administrators to test out the impact of policy on Kubernetes deployments. Additionally, StackRox is integrating what it refers to as "deployment-centric visibility" into its new platform update.

"The visibility is deployment-centric, not development-centric, meaning it is focused on Kubernetes deployments," Wei Lien Dang, vice president of product at StackRox, told eWEEK. "It is different from what we offered in the past in that the context is specific to constructs that exist natively within Kubernetes."

Kubernetes is an open-source container orchestration platform that enables organizations to deploy and manage cloud-native application workloads. StackRox emerged from stealth in July 2017 with two products, Prevent and Detect and Respond. With Detect and Respond 2.0 which was released in January 2018, StackRox integrated its Adversarial Intent Model (AIM) in an effort to provide insight into how container attacks occur. StackRox competes against multiple companies in the container security space, including Twistlock, Aqua Security, Capsule8 and NeuVector, among others.

Dang explained that since July 2018, StackRox has unified its product offerings into a single platform that secures the entire life cycle of containerized apps. He said that the StackRox Container Security Platform now encompasses security functionality across build, deploy and runtime phases and includes the detection and incident response capabilities that were previously available in the Detect and Respond product.

Multi-Risk Profiling

The ability to identify areas of potential risk is a capability that StackRox is improving in its new update. Dang said StackRox has now broadened the risk assessment factors to include context that allows an organization to better understand its actual risk exposure. For example, when dealing with a particular vulnerability, whether the circumstances and configurations increase the likelihood that it may be exploited is considered part of the multi-risk profiling.

Dang explained that StackRox weighs the factors that are specific to Kubernetes, such as how network policies are configured. 

Network Policy

Network policy is a key area of improvement in the StackRox Container Security Platform 2.4 update, thanks to several new features.

The new graph provides visibility regarding network traffic within a Kubernetes environment and makes it easier to ensure that appropriate network segmentation is applied to deployments. The network graph displays allow communications paths with dotted lines based on network policies configured in Kubernetes, Dang said. The active communications paths have solid lines and are displayed based on StackRox's monitoring of all the network traffic at runtime. 

"Our recommendation engine then highlights potential changes to configured network policies to scope down allowed access based on what a deployment actually requires," Dang said.

Another enhanced capability in the 2.4 update is a network policy simulator that enables administrators to see the impact of a policy change on Kubernetes operations. He said that for network policies that StackRox generates and recommends, the platform allow users with appropriate privileges to enable the changes directly in Kubernetes by clicking a single button. 

What's Next

There are several areas of future improvement that StackRox is focused on. Compliance is one such focus area, with StackRox set to add automated checks for additional industry and regulatory compliance standards and specifications. Dang said StackRox is also working on additional recommendation engine capabilities, automatically helping users further reduce their Kubernetes attack surface and risk exposure.

Among the emerging areas of the cloud-native Kubernetes landscape is serverless, also referred to as functions-as-a-service. Dang said StackRox currently does not support serverless deployments but plans to in future releases. 

"We are closely engaged with our customers on the specific use cases and concerns they are looking to address when it comes to serverless," he said.

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.