This is the final installment of our four-part Google Kubernetes Engine (GKE) security blog series. Don’t forget to check out our previous blog posts in the series: Part 1: GKE Security Best Practices: Designing Secure Clusters Part 2: GKE Networking Best Practices for Security and Operation Part 3: Guide to ... Read More

Right on the heels of last week’s news that we’re providing Kubernetes security for DoD’s Platform One software factory, we’re excited to share today that we’ve been awarded a Phase III contract with the Department of Homeland Security. In this stage of our partnership, we’re deploying our Kubernetes Security Platform ... Read More

This is part three of our four-part blog series on Google Kubernetes Engine (GKE) security. You can find the previous two parts below: GKE security best practices: designing secure clusters GKE networking best practices for security and operations Adhering to security best practices for running your workloads on GKE plays ... Read More

Part six of our nine-part blog series – where we examine each of the nine MITRE ATT&CK tactics and techniques for Kubernetes – covers Credential Access, a set of activities intended for stealing sensitive credentials such as application secrets, passwords, and tokens that may be used by either users or ... Read More

StackRox is in the midst of our own “Fed ramp” of sorts, with news today that we’ve been awarded a Department of Defense SBIR Phase II Award, our long history with In-Q-Tel and multiple deployments in the U.S. Intelligence Community, and more news coming soon on additional Fed initiatives. We ... Read More

In February, we published an article providing a side-by-side comparison of the managed Kubernetes offerings from the three largest cloud providers: Amazon Elastic Kubernetes Service (EKS), Azure Kubernetes Service (AKS), and Google Kubernetes Engine (GKE). The Kubernetes ecosystem changes rapidly, as do the feature sets of these managed platforms. This ... Read More

The fifth installment in our nine-part blog series – where we examine each of the nine MITRE ATT&CK tactics and techniques for Kubernetes – covers Defense Evasion, a grouping of techniques focused on concealing adversary actions intended to avoid detection. This includes tactics such as deleting evidence of an attacker’s ... Read More

What’s better than being named a Computer Reseller News Emerging Vendor? Winning that designation two years running! We’re thrilled to be included amongst these elite technical innovators. The advantages of our unique Kubernetes-native approach to securing today’s modern apps are earning us kudos across customers (see online reviews on Gartner ... Read More

Part four of our nine-part blog series on the various Kubernetes threat vectors and tactics covers Privilege Escalation, which encompasses techniques that enable an attacker to gain additional privileges that can be used to take more actions within the cluster and/or grant access to a wider scope of resources. These ... Read More

This is part three of a nine-part blog series where we examine each of the nine Kubernetes threat vectors across 40 attack techniques and provide actionable advice to mitigate these threats. Don’t forget to check out parts one and two. The third tactic in the Kubernetes attack matrix is Persistence ... Read More