StackRox announced that it was awarded a Phase III contract by the Department of Homeland Security (DHS) Science and Technology Directorate (S&T)'s Silicon Valley Innovation Program (SVIP) to protect mission-critical, cloud-native applications for financial institutions. Through the Next Generation Cyber Infrastructure (NGCI) program, StackRox is delivering container and Kubernetes security for a large U.S. financial services company.

In 2018, StackRox was awarded a Phase II SVIP contract by DHS to advance container threat information sharing among financial institutions to prevent an attack from hitting multiple organizations. With this Phase III award, the financial services company is leveraging the StackRox Kubernetes Security Platform to defend its cloud-native infrastructure from vulnerabilities and misconfigurations while ensuring compliance and detecting and stopping runtime threats. By completing this phase of the program, StackRox will enable additional financial service institutions and other NGCI stakeholders to leverage StackRox to operationalize container and Kubernetes security at scale. Having delivered the industry's only Kubernetes-native platform, StackRox delivers better security, reduced operational risk, and lower operational costs.

The Department of Homeland Security is investing heavily in safeguarding critical infrastructure that relies on cloud-native technology, particularly in the financial sector where the stakes are especially high. DHS and StackRox are working together to help DHS stakeholders stay ahead of the evolving threat landscape, with StackRox delivering capabilities that detect, defend, protect, restore and respond to sophisticated and targeted cyber-threats. In Phase III, StackRox is focused on securing the containerized applications of the financial sector partner throughout the application life cycle - build, deploy and runtime - across several key use cases, including:
- Visibility into cloud-native applications, including all images, container registries, Kubernetes deployment configurations, container runtime behavior, and more.
- Vulnerability Management to identify vulnerabilities in images, containers, Kubernetes, and running deployments and prevent non-compliant builds.
- Configuration Management to identify misconfigurations across images, containers, clusters, Kubernetes, and network policies, to prevent accidental misconfigurations that put application performance and security at risk.
- Threat Detection combining rules, whitelists, baselines, and behavioral modeling to identify threats at runtime in your container environments.
- Incident Response taking automated actions such as killing and restarting pods via Kubernetes to shut down attacks.
- Regulatory Compliance providing continuous and on-demand checks on controls to meet CIS Benchmarks, NIST 800-190 and 800-53, SOC 2, PCI, and HIPAA.

"Given our long partnership with In-Q-Tel and our close work with the United States Air Force, DoD, DHS, and U.S. Intelligence Community, protecting government infrastructure is woven into the fabric of StackRox innovation," said Ali Golshan, co-founder and CTO for StackRox. "We're proud to have reached Phase III of this initiative and look forward to continuing our collaboration with DHS to meet the stringent security requirements needed to protect our nation's mission-critical infrastructure."