StackRox announces the addition of further capabilities to the Container Security Platform, including deployment-centric visibility, multi-factor risk profiling and network policy management.
The Container Security Platform leverages multiple Kubernetes integrations to provide customers with a deployment-centric view of the environment, prioritise risks based on rich context, allow robust and scalable policy enforcement and improve on the security of container and Kubernetes environments. Visibility centered around deployments allows DevOps and security teams to quickly visualise all deployments and pods across namespaces and clusters, bringing effective policy management within a Kubernetes environment.
Meanwhile multi-factor risk profiling provides deeper insights into cluster details, labels and annotations, provileges, secrets and network reachability to more accurately prioritise risks. Details such as whether a cluster is running in test or production, application owner, type of data and secrets accessed and network configuration provide helpful context far beyond vulnerability data.
As for network policy enforcement, the platform features a network graph (displays allowed versus actively used communication paths among namespaces and deployments), policy recommendation engine (provides actionable steps to disable unnecessary communications paths among assets) and policy simulator (enables DevOps and security teams to preview new network policies, visualise network connectivity paths and confirm policies are accurate before applyication in Kubernetes).
Deployed as a set of containers using Kubernetes YAML files or Helm charts, the StackRox Container Security Platform supports all Kubernetes deployment modes, including self-managed clusters, managed services such as Amazon KES, Azure AKS and Google GKE, and Kubernetes distributions such as Red Hat OpenShift and Docker Enterprise Edition.