StackRox Container Security Platform
The StackRox Container Security Platform protects applications across the entire container life cycle.
During build, reduce your attack surface. StackRox enforces service-centric deployment policies on vulnerabilities and configurations in your images and orchestrator settings to mandate fixes during the build phase. The StackRox software can block services from deploying if they violate critical policies. You can also set the StackRox software to allow services with non-critical risks to deploy, but immediately issue notifications to your dev teams with remediation suggestions and instructions.
During deploy, profile your runtime risk. StackRox prioritizes the most critical security issues to address. The StackRox software provides this risk profiling by tapping into a broad set of factors, including orchestrator settings,, network policies, secrets usage, container configuration, and other metrics. StackRox provides an automated means to profile and monitor your highest-risk assets during runtime, automatically elevating those assets with potential signs of attacker activity to the top of your queue.
During runtime, detect and respond. StackRox leverages continuous machine learning to adapt its understanding of your application environment. Constantly tuning its settings, the StackRox software avoids false positives and false negatives. You can also set response options, including alerts and killing containers, to meet your needs. Finally – detection that adapts to the dynamic world of containers.
The StackRox platform then takes data learned during each phase of the container life cycle and uses it to improve the other phases. For example, if during runtime we see and stop an exploit of a container configuration that was allowed to proceed at deploy, we will elevate the risk of similarly configured containers at deploy.
StackRox – continuous security, continuously improving.