Virtualization Technology News and Information
New Centralized Governance Solution - StackRox Prevent - Ensures Containers Are Secure and Compliant Before Deployment

Today StackRox announced the beta of StackRox Prevent, a new product that enables security teams to minimize their container attack surface from build to deployment. The new solution synthesizes information across diverse security and DevOps datasets and tools, such as Kubernetes, into actionable insights, giving security leaders the holistic perspective they need to make strategic, risk-driven decisions. StackRox is also offering free assessments using the new tool, giving organizations an instant profile of risk across their Docker container environments.

In "10 Things to Get Right for Successful DevSecOps", Neil MacDonald, VP, Distinguished Analyst, Gartner; and Ian Head, Research Director, Gartner, wrote that security and risk management (SRM) tasked with ensuring application and data security should: "Scan for known vulnerabilities and misconfigurations in all open-source and third-party components. Ideally, build out a complete bill of materials using software composition analysis." They also recommend: "Stop trying to remove all unknown vulnerabilities in custom code, which increases false positives. Instead, focus developers on those with the highest severity and confidence."*

StackRox Prevent automates security and compliance for container deployments based on monitoring and analyzing information across multiple dimensions - including vulnerability scans, as well as host, container and orchestrator configurations. This approach eliminates the time-consuming, complex work required to pinpoint and remediate security risks, and helps security teams share actionable information with DevOps teams using integrations with familiar workflow tools.

StackRox Prevent delivers:

  • A comprehensive picture of container risk. Via deep orchestrator integration, security teams can establish risk awareness at the service and cluster levels. The holistic view of the entire container attack surface StackRox Prevent generates helps organizations make risk-informed security decisions.
  • Host, container, and orchestrator configuration assessment. StackRox Prevent enables security teams to easily identify security risks spanning various parts of the container stack and fast-track remediation efforts to eliminate container vulnerabilities and misconfigurations.
  • Simplified container governance. StackRox eliminates complexities by automating configuration checks and policy enforcement across multiple platforms.

"At StackRox, we're committed to helping our enterprise and government customers secure their container environments across all phases of the container lifecycle," said Sameer Bhalotra, co-founder and CEO for StackRox. "We're pleased to offer this comprehensive approach of using StackRox Prevent to mitigate risks by eliminating vulnerabilities and misconfigurations in the build and deploy phases along with our flagship product - StackRox Detect and Respond - for runtime security in production environments."


The StackRox Prevent beta and free assessment service are now available, with general availability of StackRox Prevent expected in Q2 2018.

Published Thursday, February 22, 2018 9:34 AM by David Marshall
Filed under: ,
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<February 2018>