Red Hat buys StackRox to bolster OpenShift K8s security


Red Hat is buying StackRox, a Kubernetes-native security startup, for an undisclosed sum. The company intends to add it to Red Hat OpenShift but said StackRox will continue to support existing users of other Kubernetes flavours.

Red Hat says it wants to deliver a single, holistic platform so users can build, deploy and securely run nearly any application across the entirety of the hybrid cloud.

Red Hat will focus on transforming how cloud-native workloads are secured by using StackRox to expand and refine Kubernetes’ native controls, as well as by shifting security leftwards into the container build and CI/CD phase. The aim is to provide enhanced security up and down the entire IT stack and throughout the lifecycle.

California-based StackRox was founded in 2014 and is focused on Kubernetes security. Customers can control and enforce security policies using a Kubernetes declarative approach. This means their secured applications can scale more easily, it’s claimed, than ones using container-centric security approaches.

StackRox software provides visibility across all Kubernetes clusters by directly deploying components for enforcement and deep data collection into the Kubernetes cluster infrastructure. The company claims this reduces the time and effort needed to implement security, and streamlines security analysis, investigation and remediation.

Its policy engine includes hundreds of built-in controls to enforce security best practices, industry standards such as CIS Benchmarks and NIST, configuration management of both containers and Kubernetes, and runtime security.