StackRox Looks to Automate Container Security Operations

SAN FRANCISCO—Ali Golshan began working on StackRox in December 2014 as a new type of security company for container environments. The company emerged from stealth in July 2017 with technology to help secure cloud-native container environments and has been steadily improving its technology ever since.

In a video interview with eWEEK at DockerCon 18 here, Golshan discusses what has changed in his company since it emerged from stealth and where it is headed in the months ahead. A core area of innovation for StackRox has been figuring out how and where automation can help improve container security operations.

"We've been trying to figure out what are all the low-hanging fruit and pieces in the cloud-native world that can be automated and taken off an operator’s plate," he said. "Responding to threats, violations and misconfigurations in real time is extraordinarily difficult, so as much of that we can automate, the better."

StackRox has several core modules in its platform, according to Golshan, including the Prevent module that provides threat detection and response capabilities. StackRox has also been working this year on advancing its build and deployment module.

While new features are part of StackRox’s roadmap, Golshan emphasized that a core focus for the company is unifying the flow for container operations from development to operations. StackRox's platform can take information and context from the build side of container development and then provide that as context at runtime, he said. The model also works in reverse, with vulnerabilities and issues discovered at runtime helping to inform changes that occur in development.


"This industry is no different than most. Initially you have to reduce the attack surface as much as possible," Golshan said.

He added that the threats he has seen as customer deployments are common items like misconfigurations and exposed APIs. StackRox also spends time and resources on security research, looking, for example, at ways attackers can get around container isolation. 

Looking forward, Golshan said that for his company's 2.5 platform release later this year, the plan is to join the prevention and build module together to provide a cohesive architecture that can cover the full container development and deployment lifecycle.

Watch the full video interview with Golshan above.

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.