订阅内容

When we began contributing to the Kubernetes project at its inception in 2014, we believed the technology would be the future of cloud-native IT. But at that time, I don't think we realized just how impactful Kubernetes would be. Fast forward six years, and we have seen broad Kubernetes adoption and Red Hat OpenShift has become the industry’s leading enterprise Kubernetes solution. Today, we're excited to announce the next step in our journey with Kubernetes through the acquisition of StackRox. I'd like to share some of my thoughts on the exciting opportunities Red Hat can explore after the acquisition closes.

By bringing StackRox’s powerful Kubernetes-native security capabilities to OpenShift, we are reinforcing our commitment to deliver a holistic open hybrid cloud platform. We want to enable users to build, deploy and more securely run applications across every IT footprint. 

With its Kubernetes-native architecture, StackRox is a natural fit for Red Hat. StackRox’s complementary capabilities will strengthen the
layered approach to container and Kubernetes security we have been driving with our partners through OpenShift. The world’s largest banks, airlines, auto manufacturers, logistics companies and even government agencies, entrust their mission critical applications to Red Hat’s open hybrid cloud platform. 

With StackRox, Red Hat will focus on transforming how cloud-native workloads are secured by expanding and refining Kubernetes’ native controls. StackRox’s software provides visibility and consistency across all Kubernetes clusters, helping to reduce the time and effort needed to implement security while streamlining security analysis, investigation and remediation. We will also be working towards shifting security “left” into the container build and CI/CD phase, to identify and address issues earlier in the development cycle to provide more cohesive security up and down the entire IT stack and throughout the application lifecycle. 

Building greater security into cloud-native development and operations aka DevSecOps

For developers, StackRox provides application analysis to identify and remediate known vulnerabilities and misconfigurations. This includes: inappropriate access to secrets; heightened privileges; excessive network exposure before deployment; and more. 

Additionally, in October 2020, StackRox launched KubeLinter, an open source project that analyzes Kubernetes YAML files and Helm charts for correct configurations. Red Hat will continue to invest in and foster this ecosystem as well as drive towards the full open sourcing of StackRox’s capabilities.

For operations teams, StackRox brings a rich set of observability features, including the ability to visualize existing network connections and enforce tighter segmentation via Kubernetes network policies. This extends Red Hat OpenShift’s built-in monitoring and alerting while also adding the automated generation of network policy rules, based on application analysis, as well as the ability to simulate and visualize the impact of possible policies.

For security teams, StackRox provides runtime detection by baselining process activity within containers and automatically identifying anomalous processes. This complements the built-in runtime protection provided by OpenShift’s use of the controlled immutability of Red Hat Enterprise Linux (RHEL) CoreOS, SELinux and the security context constraints (SCC) admission controller plug-in. 

StackRox’s capabilities, combined with OpenShift, will allow Red Hat and our ecosystem of partners, including our container and Kubernetes security partners to better serve our customers and jointly enable rapid adoption of hybrid cloud architectures. Red Hat believes strongly in providing choice to our customers, to facilitate innovation and flexibility. 

And while Red Hat sees great value in bringing StackRox’s Kubernetes-native capabilities to OpenShift, importantly, StackRox’s technology works - and will continue to work - in other Kubernetes environments, including Amazon Elastic Kubernetes Service (EKS), Microsoft Azure Kubernetes Service (AKS), and Google Kubernetes Engine (GKE). 

The addition of StackRox to the Red Hat family is an important milestone in achieving Red Hat’s mission to create better technology the open source way.
Specific plans and timelines around integrating the product into the Red Hat portfolio will be made available after the acquisition closes.

Read more:

 


关于作者

Ashesh Badani is Senior Vice President and Chief Product Officer at Red Hat. In this role, he is responsible for the company’s overall product portfolio and business unit groups, including product strategy, business planning, product management, marketing, and operations across on-premise, public cloud, and edge. His product responsibilities include Red Hat® Enterprise Linux®, Red Hat OpenShift®, Red Hat Ansible Automation, developer tools, and middleware, as well as emerging cloud services and experiences.

Previously, Badani was Senior Vice President of Cloud Platforms, where he helped solidify the company as a hybrid cloud and enterprise Kubernetes leader. Under his leadership, Red Hat has also expanded OpenShift from an award-winning Platform-as-a-Service solution to the industry’s leading enterprise Kubernetes platform, with 1,000+ customers spanning all regions and industries. Badani started at Red Hat overseeing product line management and marketing for the Red Hat JBoss® Enterprise Application Platform middleware portfolio.

Badani has played a significant role around strategy, analysis, and integration for key Red Hat acquisitions—including StackRox in 2021, CoreOS in 2018, and FuseSource in 2012—to bolster the company’s integration portfolio.

Prior to joining Red Hat, Badani served as Director of Product Management and Product Marketing of Integration and Application Platform Products at Sun Microsystems. He has more than 20 years of experience in the technology and finance industries at both established and emerging companies.

Read full bio
UI_Icon-Red_Hat-Close-A-Black-RGB

按频道浏览

automation icon

自动化

有关技术、团队和环境 IT 自动化的最新信息

AI icon

人工智能

平台更新使客户可以在任何地方运行人工智能工作负载

open hybrid cloud icon

开放混合云

了解我们如何利用混合云构建更灵活的未来

security icon

安全防护

有关我们如何跨环境和技术减少风险的最新信息

edge icon

边缘计算

简化边缘运维的平台更新

Infrastructure icon

基础架构

全球领先企业 Linux 平台的最新动态

application development icon

应用领域

我们针对最严峻的应用挑战的解决方案

Original series icon

原创节目

关于企业技术领域的创客和领导者们有趣的故事