StackRox Announces New Release of Container Security Platform
July 12, 2018

StackRox announced a new release of its Container Security Platform.

The new release is an integrated, full life cycle solution for container security that incorporates a feedback loop between the different phases of the container life cycle. This functionality uses threat information detected at runtime to inform risk scoring and policy enforcement as containers are built and deployed, resulting in actionable insights with greater context.

The StackRox Container Security Platform provides a feedback loop that leverages runtime data to proactively identify security risks earlier in the container life cycle. This software release also marks the first time that a full life cycle container security platform protects against key orchestrator-based threats, which have gained prominence due to recent high-profile compromises. The new release helps customers automatically catch potential security issues based on observed application behavior at runtime and extends its policy management capabilities to the additional attack surfaces introduced by orchestration systems themselves. The update also includes new capabilities that help customers reduce the attack surface during the build and deploy phase of the container life cycle.

“The StackRox Container Security Platform’s integrated approach streamlines decision making and fosters collaboration between security and DevOps,” said Wei Lien Dang, StackRox’s VP of Product. “Because our platform has a feedback loop that ties together capabilities across different phases of the container life cycle – as opposed to providing functionality on a standalone basis – it provides customers with an unmatched level of security against emerging container-based threats. It eliminates entire workflows that security operators would typically have to go through.”

The platform lets customers configure the new integration with just a couple clicks; as a result, security operators benefit from spending less time hunting for security issues and having to interpret how threat activity could potentially impact other parts of their container environment. This approach is adaptive to an enterprise’s ongoing and evolving security posture and is built for the speed and volume of data being generated in container environments so that customers don’t miss anything.

To augment security throughout the container life cycle, the StackRox Container Security Platform now supports vulnerability scanning and policy enforcement for network segmentation and secrets.

Specific to orchestrator-based threats, the platform evaluates configurations of security capabilities native to the orchestrator itself, such as role-based access controls, network policies and secrets in Kubernetes. If an attacker uses tools to conduct reconnaissance and scanning within the container environment or exploits orchestrator misconfigurations, the StackRox container security platform will detect that activity.

The new release of the StackRox platform adds core detection functionality to expose orchestrator-specific attacks that rely on exploiting certain components within Kubernetes environments, including the kubelet, Kubernetes service endpoints or metadata servers. Recently several examples of orchestrator-related attacks have been published, including a compromise of Tesla’s Kubernetes infrastructure that allowed attackers to mine cryptocurrency and a report that detailed how an attacker could have compromised Shopify’s Kubernetes clusters. The new StackRox release protects against these types of threats by default.

This upgraded version of the StackRox Container Security Platform will be generally available this month.

Share this

Industry News

April 03, 2025

StackGen has partnered with Google Cloud Platform (GCP) to bring its platform to the Google Cloud Marketplace.

April 03, 2025

Tricentis announced its spring release of new cloud capabilities for the company’s AI-powered, model-based test automation solution, Tricentis Tosca.

April 03, 2025

Lucid Software has acquired airfocus, an AI-powered product management and roadmapping platform designed to help teams prioritize and build the right products faster.

April 03, 2025

AutonomyAI announced its launch from stealth with $4 million in pre-seed funding.

April 02, 2025

Kong announced the launch of the latest version of Kong AI Gateway, which introduces new features to provide the AI security and governance guardrails needed to make GenAI and Agentic AI production-ready.

April 02, 2025

Traefik Labs announced significant enhancements to its AI Gateway platform along with new developer tools designed to streamline enterprise AI adoption and API development.

April 02, 2025

Zencoder released its next-generation AI coding and unit testing agents, designed to accelerate software development for professional engineers.

April 02, 2025

Windsurf (formerly Codeium) and Netlify announced a new technology partnership that brings seamless, one-click deployment directly into the developer's integrated development environment (IDE.)

April 02, 2025

Opsera raised $20M in Series B funding.

April 02, 2025

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, is making significant updates to its certification offerings.

April 01, 2025

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the Golden Kubestronaut program, a distinguished recognition for professionals who have demonstrated the highest level of expertise in Kubernetes, cloud native technologies, and Linux administration.

April 01, 2025

Red Hat announced new capabilities and enhancements for Red Hat Developer Hub, Red Hat’s enterprise-grade internal developer portal based on the Backstage project.

April 01, 2025

Platform9 announced that Private Cloud Director Community Edition is generally available.

March 31, 2025

Sonatype expanded support for software development in Rust via the Cargo registry to the entire Sonatype product suite.

March 31, 2025

CloudBolt Software announced its acquisition of StormForge, a provider of machine learning-powered Kubernetes resource optimization.