Brief Overview

StackRox’s container security platform provides adaptive threat detection and response to protect applications in runtime. The software integrates with the container ecosystem to simplify and automate security.

• StackRox monitors activities within and across containers to detect active attacks and take action to block them.
• StackRox applies continuous machine learning to adapt its application baselines and detect attacks.
• StackRox collects a broad set of event data but surfaces alerts only when multiple events that StackRox sees are related indicate an attack category such as privilege escalation or persistence.

StackRox continuously assesses “normal” behavior for applications to adjust its baseline. This approach avoids false positives, because developers are continuously updating applications all the time in the DevOps world we’re in now. StackRox also avoids false negatives because the software stitches together events over time to identify attacks in progress. StackRox responds to immediately stop any compromised application components from putting data at risk or enabling attacker access.