Container Security Platform

Promote this Nomination

Additional Info

Company (that provides the nominated product / solution / service)StackRox
Company size (employees)50 to 99
Type of solutionSoftware

In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:

• Multi-factor Risk Assessment - StackRox combines data across multiple systems to build a list of vulnerable application building blocks, stack ranked by risk profile.
• Adaptive Detection - StackRox applies continuous machine learning to detect categories of attack and enforce the appropriate response to neutralize the threat.
• Continuous Feedback - The StackRox platform offers the first integrated, full-lifecycle solution for container security that incorporates a feedback loop between the different phases of the container lifecycle. By leveraging information from the build and deployment phase of the application life cycle to feed into the runtime detection phase, this feature improves the efficacy of detection. Similarly, the platform uses runtime data to shape policy enforcement for the build/deploy phase.

Brief Overview

The StackRox container security platform provides cloud security across the build/deploy and runtime environments and integrates with the container and cloud services ecosystems to simplify and automate security. Other important outcomes achieved by this new technology include:

• StackRox ties into cloud providers’ managed container services, orchestrator systems, and application build systems.
• StackRox automatically determines if the application building blocks comply with company deployment policies.
• StackRox enforces policies by removing non-compliant systems.
• StackRox pulls in data from multiple services to stack rank the risk of the application assets.
• StackRox goes far beyond vulnerability scanning to build an understanding of the application building blocks deployed in the environment.
• StackRox focuses developer attention on just the handful of riskiest vulnerabilities to fix.
• StackRox applies continuous machine learning to detect threats at runtime.

After companies have done all they can to keep the bad guys out (prevention), they still need to “assume the breach has happened” and protect the running applications:
• StackRox collects a broad set of event data but surfaces alerts only when multiple events stitched together by ML reveal an attack.
• StackRox identifies attack categories such as privilege escalation or persistence.
• StackRox applies company policies for incident response to immediately stop any compromised application building blocks.