Progress announced the Q4 2024 release of its award-winning Progress® Telerik® and Progress® Kendo UI® component libraries.
StackRox announced new capabilities in the StackRox Container Security Platform that leverage the platform’s multiple integrations with Kubernetes.
The latest enhancements allow businesses to gain a deployment-centric view of their environment, quickly prioritize risks based on rich context, leverage Kubernetes for robust and scalable policy enforcement, and significantly improve the security of their container and Kubernetes environments.
New capabilities available in the latest release of the StackRox Container Security Platform include:
- Deployment-Centric Visibility: StackRox’s deep integration with Kubernetes delivers visibility centered around deployments versus simply an image, enabling DevOps and Security teams to speak a common language and eliminate confusion. DevOps and Security teams can quickly visualize all of their deployments and pods across namespaces and clusters. Visibility at the deployment level is essential to managing policies and addressing misconfigurations effectively in a Kubernetes environment.
- Multi-Factor Risk Profiling: StackRox leverages its integration with Kubernetes to deliver deeper insight into cluster details, labels and annotations, privileges, secrets and network reachability to more accurately prioritize risks. Details such as whether a cluster is running in test or production, the owner of the application, the type of data and secrets accessed, and the network configuration of the deployment (e.g., is it reachable from the Internet) all provide helpful context far beyond vulnerability data.
- Network Policy Management: StackRox network policy enforcement capabilities include the newly added network graph, policy recommendation engine, and policy simulator. These features all tie into Kubernetes to enable a robust, scalable and portable solution for network segmentation. The network graph displays allowed versus actively used communications paths among namespaces and deployments as well as Internet reachability of deployments. The policy recommendation engine provides actionable steps to disable unnecessary communications paths among these assets. The policy simulator enables DevOps and Security teams to preview new network policies, visualize their network connectivity paths, and confirm the policies are accurate before applying them in Kubernetes.
“As Kubernetes continues its astonishing pace of adoption as the orchestrator of choice for cloud-native environments, it becomes an increasingly attractive target for attackers. Given that many organizations are still getting educated on Kubernetes security best practices, they are at increased risk for exposing their applications and data,” said Wei Lien Dang, StackRox VP of Product. “The StackRox mission is to deliver a platform for DevOps and Security teams alike to operationalize security for their Kubernetes and container environments. We developed our new capabilities for better visibility, richer context, and stronger enforcement — tied to our deep integrations with Kubernetes — to provide more ways to reduce the container attack surface, mitigate known vulnerabilities, and limit the impact of attacks efficiently and effectively.”
Deployed as a set of containers using Kubernetes YAML files or Helm charts, the StackRox Container Security Platform supports all Kubernetes deployment modes, including self-managed clusters; managed services such as Amazon EKS, Azure AKS, and Google GKE; and Kubernetes distributions such as Red Hat OpenShift and Docker Enterprise Edition.
These new capabilities are available in the current release of the StackRox Container Security Platform.
Industry News
Check Point® Software Technologies Ltd. has been recognized as a Leader and Fast Mover in the latest GigaOm Radar Report for Cloud-Native Application Protection Platforms (CNAPPs).
Spectro Cloud, provider of the award-winning Palette Edge™ Kubernetes management platform, announced a new integrated edge in a box solution featuring the Hewlett Packard Enterprise (HPE) ProLiant DL145 Gen11 server to help organizations deploy, secure, and manage demanding applications for diverse edge locations.
Red Hat announced the availability of Red Hat JBoss Enterprise Application Platform (JBoss EAP) 8 on Microsoft Azure.
Launchable by CloudBees is now available on AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS).
Kong closed a $175 million in up-round Series E financing, with a mix of primary and secondary transactions at a $2 billion valuation.
Tricentis announced that GTCR, a private equity firm, has signed a definitive agreement to invest $1.33 billion in the company, valuing the enterprise at $4.5 billion and further fueling Tricentis for future growth and innovation.
Check Point® Software Technologies Ltd. announced the new Check Point Quantum Firewall Software R82 (R82) and additional innovations for the Infinity Platform.
Sonatype and OpenText are partnering to offer a single integrated solution that combines open-source and custom code security, making finding and fixing vulnerabilities faster than ever.
Red Hat announced an extended collaboration with Microsoft to streamline and scale artificial intelligence (AI) and generative AI (gen AI) deployments in the cloud.
Endor Labs announced that Microsoft has natively integrated its advanced SCA capabilities within Microsoft Defender for Cloud, a Cloud-Native Application Protection Platform (CNAPP).
Progress announced new powerful capabilities and enhancements in the latest release of Progress® Sitefinity®.
Red Hat announced the general availability of Red Hat Enterprise Linux 9.5, the latest version of the enterprise Linux platform.
Securiti announced a new solution - Security for AI Copilots in SaaS apps.
Spectro Cloud completed a $75 million Series C funding round led by Growth Equity at Goldman Sachs Alternatives with participation from existing Spectro Cloud investors.