StackRox Adds Workflows to Advance DevSecOps on Kubernetes

Source – https://containerjournal.com/

StackRox today added more DevSecOps workflow capabilities to its security platform, which runs natively on Kubernetes platforms.

IT teams can now identify vulnerabilities in active software dependencies during runtime and scan for vulnerabilities in container images that have no base operating system.

Remediation efforts can now be prioritized based on vulnerability scores. The StackRox Kubernetes Security Platform surfaces recommendations so teams can identify the most efficient and effective course of action for threat remediation. They can also track mean time to remediation and refine and improve procedures and processes as teams gain DevSecOps expertise.

In addition, the StackRox Kubernetes Security Platform can now discover vulnerabilities in the .NET Core and ASP.NET Core frameworks within container images.

Finally, StackRox has added integration with AWS Security Hub, Google Artifact Registry, Splunk and Red Hat OpenShift Admission Controller. Red Hat announced earlier this month it is acquiring StackRox. After the acquisition is completed, the StackRox portfolio of container security software will be made available as open source software.

David Van Everen, vice president of marketing for StackRox, says integration with platforms IT organizations rely on to manage application development and IT infrastructure is critical, because it surfaces container security insights within an existing workflow rather than requiring IT teams to log into a separate platform.

In general, Van Everen says the “shift left” of application security responsibility occurs at a time when organizations are also embracing microservices, built using containers, to build and deploy cloud-native applications. That shift is creating a unique opportunity for those organizations to embrace DevSecOps best practices, as the processes for building those types of applications are still being defined, Van Everen says. The goal is to enable organizations to continuously apply and enforce security policies as those applications are constructed and deployed, Van Everen says.

IT organizations making that transition should foster increased collaboration between developers and cybersecurity teams, Van Everen says. Kubernetes, by default, is insecure, so it’s up to each organization to learn what controls need to be applied, he says.

The StackRox Kubernetes Security Platform runs natively on Kubernetes, which Van Everen says eliminates the need to rely on proxies or container sidecars that are cumbersome to deploy and manage. However, securing Kubernetes platforms remains a specialized skill that IT organizations need to acquire, Van Everen says.

Significant progress is being made toward achieving DevSecOps, Van Everen says, but most organizations are still a long way from completely embedding security workflows within their DevOps processes. The challenge in the context of a Kubernetes environment is enabling IT teams to achieve that goal with the least amount of friction, Van Everen says.

The shift to DevSecOps will soon require security to be embedded within those workflows. As organizations embrace microservices to drive digital business transformation, initiatives that rely on platforms such as Kubernetes will find the security stakes are too high to ignore.
