Latest Update to StackRox Kubernetes Security Platform Augments Runtime Security with Streamlined Analysis and Incident Response
May 2020 by Marc Jacob
StackRox announced new runtime security features in the latest release of the StackRox Kubernetes Security Platform. These features, developed in close collaboration with StackRox enterprise and federal government customers, help streamline analysis, investigation, and response for runtime security events for containers and Kubernetes environments. Leveraging these new capabilities, analysts and incident responders can more quickly identify the most important event details, view them chronologically, add custom notes, and make more informed security and compliance decisions.
The new features tap into the Kubernetes-native architecture of the StackRox platform to streamline incident response processes. Specific enhancements include:
• Timeline Views – Provides a chronological visualization of runtime events, such as the execution of processes, in a graphic timeline to enable teams to easily understand incidents and prioritize response actions accordingly.
• Federal Benchmark Checks – Delivers container-specific compliance checks for NIST SP 800-53 to support Defense and Intelligence Communities, federal agencies, enterprises and cloud service providers participating in the Federal Risk and Authorization Management Program (FedRAMP). Support for this standard adds to existing StackRox compliance checks for NIST SP 800-190.
• Analyst Notes – Offers the ability to annotate metadata on alerts and relevant security events in the StackRox platform and to share these notes with other analysts and incident responders to enhance and speed collaboration.
• Advanced Policies – Enables analysts to apply and enforce policies more flexibly by using Boolean operators to add and combine different criteria within each policy.
With these new features, StackRox users can summarize security and compliance events, share information between security and development teams, collaborate, and act on security information more quickly and effectively. With the ability to contextualize and enrich data from Kubernetes environments, StackRox helps analysts and incident responders prioritize threats, accelerate the creation of new policies, create more consistent workflows, and automate remediation to replace traditionally manual, time-consuming processes.