Security is an issue often cited as an obstacle to the wider adoption of cloud-native technologies, including scaling applications.
Red Hat, the pioneering provider of open-source solutions, announced its intent to acquire StackRox, which specialises in Kubernetes-native security. The idea is to bring StackRox’s Kubernetes-native security capabilities to Red Hat’s OpenShift, the Kubernetes platform for enterprises.
This is another step toward Red Hat attaining its vision of delivering a single, holistic platform that enables users to build, deploy and securely run most applications across the hybrid cloud.
Kubernetes is one of the fastest growing open source projects and is the foundation of cloud-native (containerisation) applications, which are central to digitalisation efforts in many industries.
Constraints
However, as Gartner notes, “Container usage for production deployments in enterprises is still constrained by concerns regarding security, monitoring, data management and networking.”
Container security relies on Linux security. Working with the open source community, Red Hat Enterprise Linux constantly evolves new standards to secure cloud-native environments.
Building on this approach, OpenShift has a layered approach to securing containers throughout the container lifecycle, from building to deploying to running containers in mission-critical environments.
The idea is that StackRox’s complementary capabilities strengthen the integrated security across Red Hat’s hybrid cloud portfolio with greater simplicity and consistency.
For example, Red Hat will expand and refine Kubernetes’ native controls, and shift security left into the container build and continuous integration and continuous delivery (CI/CD) phase, to provide a cohesive solution for enhanced security up and down the entire IT stack and throughout the lifecycle.
Paul Cormier, President and CEO, Red Hat, stated, “Securing Kubernetes workloads and infrastructure cannot be done in a piecemeal manner; security must be an integrated part of every deployment, not an afterthought.
“Red Hat adds StackRox’s Kubernetes-native capabilities to OpenShift’s layered security approach, furthering our mission to bring product-ready open innovation to every organization across the open hybrid cloud across IT footprints.”
Kubernetes-specific
Founded in 2014, StackRox was designed to reinvent enterprise security and evolved to focus on Kubernetes security. While many first-generation container security platforms were often container-centric, StackRox is specifically a Kubernetes-native security platform.
This should make the control and enforcement of policies easier in a Kubernetes environment because it uses the same declarative approach as Kubernetes to scale applications while maintaining security.
Red Hat said in a statement that, “StackRox software provides visibility across Kubernetes clusters, by directly deploying components for enforcement and deep data collection into the Kubernetes cluster infrastructure, reducing the time and effort needed to implement security, and streamlining security analysis, investigation and remediation.
“The StackRox policy engine includes hundreds of built-in controls to enforce security best practices, industry standards such as CIS Benchmarks and NIST, and configuration management of both containers and Kubernetes, and runtime security.”
In addition to Red Hat OpenShift, StackRox will continue to support Kubernetes platforms, including Amazon Elastic Kubernetes Service (EKS), Microsoft Azure Kubernetes Service (AKS), and Google Kubernetes Engine (GKE).