Red Hat's Acquisition Of StackRox Underscores The Importance Of DevSecOps

Last week, Red Hat announced the acquisition of StackRox, a California-based Kubernetes security company that was founded in 2014.

This is one of the most strategic purchases for Red Hat, which is squarely aiming to increase its share of the enterprise infrastructure market. StackRox complements Red Hat's offerings by bringing the critical security capabilities that its infrastructure and platforms need.

StackRox founders Ali Golshan and Wei Lien Dang have strong security backgrounds. Ali worked at Microsoft and PwC as a security researcher, while Wei led secure product initiatives at CoreOS, AWS, Splunk, and Bracket Computing. In 2018, StackRox appointed Kamal Shah, a veteran businessman and investor, as president and CEO.

DevSecOps, which brings together the best of DevOps and security operations, is becoming a top priority for enterprise customers. StackRox, through its integration with existing DevOps and CI/CD tools, will deliver seamless DevSecOps for Kubernetes.

How is StackRox different?

Since its inception, StackRox has focused on securing the software supply chain. With the rise of containers and Kubernetes, the company doubled down on its Kubernetes-native security platform.

StackRox claims that its key differentiator is its tight integration with Kubernetes. While the competition focuses on traditional security methods, StackRox covers the full spectrum of the Kubernetes platform by taking advantage of native Kubernetes workflows. It builds contextual views by ingesting Common Vulnerabilities and Exposures (CVE) data, severity scores and Kubernetes objects such as pods, deployments, and namespaces.

StackRox integrates tightly with image registries to detect vulnerabilities in container images at one end of the software supply chain. At the other end of the spectrum, it integrates with the Kubernetes control plane to leverage native capabilities such as admission controllers to block problematic images, containers, and deployments. StackRox works natively with Istio to provide real-time security analysis and traffic visibility.

What is in it for Red Hat?

Over the past decade, Red Hat has gradually shifted its focus to modern infrastructure based on containers and Kubernetes. OpenShift, Red Hat's flagship container platform, has evolved from a developer-oriented PaaS to a mature enterprise platform.

The acquisition of CoreOS in 2018 enabled Red Hat to integrate Quay, a proven container registry, with OpenShift. But it did not yet have a native monitoring and security tool for scanning images stored in Quay. StackRox is tightly integrated with Quay, bringing native image scanning to OpenShift.

With the integration of StackRox with the OpenShift API and web console, customers can automate running CIS benchmarks.

StackRox will bring end-to-end security and visibility to OpenShift through native integration with CRI-O (container runtime), OpenShift SDN (CNI network), and the Istio-based OpenShift Service Mesh.

The acquisition of StackRox is good news for Red Hat customers. It brings the most essential capability to OpenShift: security.

StackRox fuels the multi-cloud secrets of Red Hat

Red Hat knows it needs to address the lifecycle and workload management of applications running on non-OpenShift environments such as Amazon EKS, Microsoft AKS, GKE, and IBM Kubernetes Service.

Following its acquisition by IBM, Red Hat turned IBM Multicloud Manager into an open source project and rebranded it as Red Hat Advanced Cluster Management for Kubernetes (ACM). This product competes with other meta control plane offerings such as Anthos, Azure Arc, Rancher and Tanzu Mission Control.

StackRox is designed to work with both managed Kubernetes offerings in the cloud and distributions meant for on-premises environments. By integrating StackRox with ACM, Red Hat will be one of the first in the industry to provide security for multi-cloud cluster management. Any cluster registered with ACM would be able to take advantage of the security capabilities. This reinforces the value proposition of Red Hat Advanced Cluster Management for Kubernetes.

Red Hat has announced that StackRox will continue to support multiple Kubernetes platforms, including the managed offerings in the public cloud.

Red Hat promises to open source StackRox

Continuing its promise of open sourcing all its products, Red Hat has said that it is committed to open sourcing the StackRox security platform. This will benefit both customers and the open source community.

KubeLinter is one of the most popular open source tools from StackRox for scanning Kubernetes YAML files and Helm charts. Going forward, the KubeLinter project will be hosted by Red Hat.

The DevSecOps market is hot

Last year, VMware acquired Octarine and merged it with Carbon Black, a security company it bought in 2019 for $2.1 billion. At KubeCon 2019, Palo Alto Networks announced that it was acquiring Twistlock for $410 million.

Although the price will not be announced, Red Hat's acquisition of StackRox is expected to exceed $100 million.
