StackRox this week unveiled an IT security platform designed specifically for container environments.
Wei Lien Dang, vice president of product for StackRox, says existing IT security platforms don’t provide any protection for containers or the application code packaged inside them. In contrast, the StackRox platform natively makes use of containers to build a security platform that defends containerized applications against code injection, privilege escalation, malicious lateral movement and data exfiltration. It does so by combining intrusion detection and prevention (IDS/IPS), web application firewall (WAF) and endpoint detection and response (EDR) capabilities for containers in a single framework.
StackRox is designed to be used by IT security teams that have been tasked with securing the overall container environment, Dang says. Regardless of what level of IT security expertise any given set of developers may have, most developers will never have the depth of knowledge required to maintain security in highly dynamic environments where new containers are added at the same speed at which existing containers are replaced, he notes. StackRox not only provides visibility into the containers but also allows IT security professionals to attach policies to individual containers or to microservices made up of multiple containers. It employs patent-pending instrumentation and machine-learning algorithms designed to deal with the ephemeral nature of container environments, says Dang.
StackRox is also compatible with all the major container orchestration engines, including Kubernetes, which makes it much simpler to deploy, he says. The company, which thus far has raised $14 million in funding, is offering the technology on an annual subscription priced by the number of nodes in the environment. Because the platform consolidates many security functions into one product, Dang says, many IT organizations should be able to reduce their overall cost of security.
Security is often cited as one of the primary concerns holding back deployment of containers in production environments. In fact, one of the reasons most containers wind up being deployed on a virtual machine is that most IT organizations don’t have the tools required to secure containers on a bare-metal server. Containers on the same host also share the host kernel, so a VM boundary gives them an isolation layer the container runtime alone does not. Many organizations therefore simply default to the security framework they already have in place for virtual machines, regardless of how much more efficient it might be to run containers directly on bare metal.
There will, of course, be some resistance to introducing an IT security framework designed specifically for containers. After all, virtual machines are not going to go away overnight, and many IT organizations don’t have the skills or resources required to operate two separate security frameworks. But as container usage across the enterprise becomes more prevalent, StackRox is clearly betting that far more organizations would rather incur the expense of a second IT security framework than leave thousands of containers exposed to attack.