Subscribe to the feed

Today, Red Hat is excited to announce that Red Hat Advanced Cluster Security for Kubernetes (RHACS) is now open sourced as StackRox. The Kubernetes and container security community can now use and contribute to the codebase of StackRox on Github.

In 2021, Red Hat acquired StackRox and the first Kubernetes-native security platform with an innovative approach to container security. With the acquisition, Red Hat further expanded its security leadership and reinforced its commitment to deliver a single, holistic, integrated application platform for users to build, deploy, and more securely run nearly any application across the hybrid cloud. 

Red Hat has always maintained its commitment to supporting the open source community, and with this news, we’re enabling developer and security teams to deliver more secure applications faster. With Red Hat’s latest open source contribution, customers will be able to solve their Kubernetes security challenges, including:

  • Automating DevSecOps
  • Shift security left
  • Operationalizing full life cycle application security in Kubernetes
  • Overcome the challenges of Kubernetes security

Key use cases for StackRox

StackRox integrates with DevOps and security tools, allowing teams to operationalize and implement security for their supply chain, infrastructure, and workloads. 

Supply chain security

  • Simplify DevOps processes by providing developers with security context in their existing workflows.
  • Integrate security into your CI/CD pipelines and image registries to provide continuous image scanning and assurance.
  • Scan images for both operating system (OS)- and language-level vulnerabilities.
  • Use existing security information and event management (SIEM) tools and notification platforms to facilitate remediation and response.

Infrastructure security

  • Harden your organization’s environment to ensure the underlying infrastructure is configured to maintain security.
  • Prevent configuration drift by compliance checks against CIS benchmarks or custom policies.
  • Analyze existing rules for role-based access control (RBAC) to prevent insecure access and authorizations. 
  • Connect with the Kubernetes API to watch for high-risk actions like configmap changes or container exec commands.

Workload security

  • Prevent high-risk workloads from deploying or running using out-of-the-box deploy-time and runtime policies.
  • Harden workloads by enforcing network policies that adhere to the principle of least privilege—only providing the access privileges necessary to complete a task.
  • Use allow-listing and behavioral modeling to detect anomalous application behavior indicative of a threat at runtime. 
  • Monitor known good behavior to configure custom policies and alerts for anomalous and malicious behavior.

StackRox’s Kubernetes-native architecture will enable teams to harden their applications across their cloud and on-premise environments and accomplish this in a transparent, collaborative manner. With the recent breaches and supply chain exploits over the past year, we see StackRox as a way to help communities harden their application and take an end-to-end zero-trust approach to Kubernetes. 

Red Hat Advanced Cluster Security will continue to innovate as the enterprise-ready version of the StackRox project for all of your Kubernetes security needs. Red Hat Advanced Cluster Security is available as a standalone product or part of OpenShift Platform Plus.

How to get started

The StackRox community website will contain all open source updates moving forward. We recommend following the RSS feed, joining the engineering meetings (by subscribing to the community@stackrox.com calendar), and participating in the monthly office hours to learn more. 

The StackRox source code is available on GitHub to use and consume. Please see the GitHub repository for information regarding deploying open source StackRox into your Kubernetes clusters and star and watch it follow along as we simplify and make it easier for you to consume.

The StackRox documentation is freely available in the application's user interface or from the Red Hat Advanced Cluster Security documentation to learn how to manage the application. 


About the authors

Ajmal Kohgadai is Principal Product Marketing Manager for Red Hat Advanced Cluster Security for Kubernetes. Prior to its acquisition by Red Hat, he was the Director of Product Marketing and Growth at StackRox, a leading Kubernetes security company.

 

Read full bio

Browse by channel

automation icon

Automation

The latest on IT automation for tech, teams, and environments

AI icon

Artificial intelligence

Updates on the platforms that free customers to run AI workloads anywhere

open hybrid cloud icon

Open hybrid cloud

Explore how we build a more flexible future with hybrid cloud

security icon

Security

The latest on how we reduce risks across environments and technologies

edge icon

Edge computing

Updates on the platforms that simplify operations at the edge

Infrastructure icon

Infrastructure

The latest on the world’s leading enterprise Linux platform

application development icon

Applications

Inside our solutions to the toughest application challenges

Original series icon

Original shows

Entertaining stories from the makers and leaders in enterprise tech