See our complete list of top container and Kubernetes security vendors
StackRox helps enterprises secure their containerized, cloud-native applications at scale. StackRox says its Container Security Platform uses the inherent security advantages of containers – immutability and declarative configuration – to improve security posture.
The company’s CEO and co-founder, Ali Golshan, draws on his roots as a whitehat government hacker and serial entrepreneur of security startups in defining the technical vision and leading the StackRox team. Founded in 2014, StackRox is privately held and headquartered in Mountain View, California. The company has raised $39 million in funding, and backers include Amplify Partners, Sequoia Capital, and Redpoint Ventures.
StackRox sells to a combination of Global 2000 enterprises, cloud-native companies, and government agencies. The company’s customers span the financial services, technology, media, and e-commerce industries. StackRox is primarily targeting North American companies, although the company also has customers in Europe.
The StackRox Container Security Platform provides security across the entire container life cycle, enabling customers to reduce the attack surface during build, reduce profile runtime risk during deployment, and detect and respond to attacks during runtime.
Among the features of the StackRox platform are multiple vendor integrations as well as data discovery and enrichment features. Integrations for alert notifications include Slack, JIRA, email, Google Cloud Security Command Center. The platform also includes native vulnerability scanning as well as integration with third-party vulnerability scanners.
For assessment and enforcement, StackRox provides multi-factor risk profiling as well as enforcement actions for build and deployment. The platform also includes attack detection capabilities that support threat hunting.
Product Performance Metrics
The StackRox Container Security Platform leverages the Adversarial Intent Model to understand events that are related and surface attacks. The Adversarial Intent Model relies on recognizing patterns of attack across foothold, persistence, movement, privilege escalation, and objectives. The volume of events at the container level make it impossible for humans to process and analyze, so StackRox uses continuous Machine Learning for centralized correlation and analysis of distributed events. This technique allows the software to focus security analysts on just one incident rather than parsing through all the events that signal that incident.
The StackRox Container Security Platform is software that can run on premises or in the cloud.
The StackRox software sells as a subscription license on a one-year or three-year term. Pricing is by the node, with a broad range based on volume.