The Latest from StackRox – Augmenting Runtime Security
You learn from every customer, but some of the toughest requirements can come from our Intelligence Community customers. Occasionally, that group needs capabilities uniquely their own, but in the best of times, they push you in ways that benefit all your customers. Our recent developments in runtime security fall in that second camp, and we’re excited to announce their availability today.
We collaborated with our IC customers along with some of our biggest enterprise customers to enhance our platform with new features that help streamline analysis, investigation, and response for runtime security events. Our customers use StackRox findings both directly in our UI as well as via feeds into downstream tools such as SIEMs. The enhancements announced today include:
- Timeline Views – this feature provides a visualization of runtime events in chronological order. So customers can see the execution of processes, for example, across a graphic timeline, which helps teams more easily understand the incident overall and prioritize their response.
- Federal Benchmark Checks – these checks help customers understand how their container environments comply with NIST SP 800-53. Understanding this compliance is a key part of participating in the Federal Risk and Authorization Management Program (FedRAMP), and these checks join existing StackRox compliance checks for NIST SP 800-190.
- Analyst Notes – analysts and other SOC users can use this feature to annotate metadata on alerts and other events in the StackRox platform. They can share these incidents as links, making it easy for other analysts and incident responders to understand the data and enhance their collaboration.
- Advanced Policies – analysts can now enforce policies more flexibly, using Boolean operators to add and combine different criteria within each policy. This support helps organizations create more tailored checks that match their teams’ requirements.
Combining these features with other elements of our Kubernetes-native security approach means our customers can more easily create new policies and more consistent workflows, and they can more readily automate remediation, saving time and resources.
Want to see these features in action? Ask to see a personal demo, or take our software for a spin with a free trial. You’ll immediately see how StackRox brings DevOps and Security together and enables you to build security directly into your infrastructure.
Kubernetes-native security: what is it and why it matters
Download this ebook to learn why a Kubernetes-native approach to protecting your containerized applications provides the most comprehensive security in Kubernetes environments
*** This is a Security Bloggers Network syndicated blog from The Container Security Blog on StackRox authored by The Container Security Blog on StackRox. Read the original post at: https://www.stackrox.com/post/2020/05/the-latest-from-stackrox-augmenting-runtime-security/
