Cloud

4/10/2018
11:19 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Container Security Pioneer StackRox Secures $25 Million in Series B Funding

Top-Tier VC Investments Enable the Leader in Security for Containerized Cloud-Native Applications to Advance Development, Sales and Marketing Efforts

MOUNTAIN VIEW, Calif. — April 10, 2018 StackRox, the leader in security for containerized cloud-native applications, announced today that it has secured $25 million in Series B funding. This funding round is being led by Redpoint Ventures and includes follow-on investments from Sequoia Capital and Amplify Partners. StackRox delivers the industry’s only solution that offers continuous detection for applications running on container technologies, including Docker and Kubernetes. Proceeds from the investment will be used to accelerate the company’s product development and release schedule and to support expanded go-to-market programs, including the hiring of new sales and marketing executives to facilitate the company’s next stage of growth.

Designed to help enterprises running containerized applications with governance, detection, and response to security threats, StackRox software secures containerized applications from deployment to runtime. It enables security teams to apply and manage policies, and the software leverages the power and flexibility of the Rox Engine to automatically detect and correlate threat behavior. StackRox monitors events over time and applies its Adversarial Intent Model to “connect the dots,” alert IT organizations of potential threats across the attack life cycle, and take action to stop and contain attacks.

Built with DevOps and cloud computing environments in mind, the StackRox security architecture combines distributed collection and centralized event correlation as well as analysis with machine learning to identify and stop malicious activity. It includes:

  • StackRox Prevent – to minimize the attack surface, centralize governance, and rank-order risks for container environments
  • StackRox Detect and Respond – to monitor activities in runtime, pinpoint attack tactics, and disrupt and stop attacks

Sameer Bhalotra, StackRox CEO and former Senior Director for Cybersecurity at the White House, and Ali Golshan, StackRox CTO and former co-founder and CTO of Cyphort, formed StackRox together. They created the company to secure high-velocity, distributed container environments that cannot be protected with traditional enterprise security solutions.

StackRox collaborates with a number of research and governmental organizations to more deeply understand the attack surface containerized environments present. StackRox counts Google as one of its key partners, and customers already using the StackRox platform include City National Bank, the U.S. Department of Homeland Security, other government agencies, and Global 2000 companies in the finance, media and technology sectors.

New venture partner

Redpoint Ventures has deep expertise in recognizing seed, early- and growth-stage startups that are poised to create new markets or redefine existing ones. Redpoint’s partnership with the founders of StackRox builds on the firm’s early investments in next-generation developer infrastructure and tooling, as well as its ongoing partnership with the Cloud Native Computing Foundation, exemplifying Redpoint’s vision for support of enabling development technologies with complementary security technologies.

“Along with enabling this new developer landscape, we recognized the criticality of securing it,” said Tomasz Tunguz, general partner at Redpoint Ventures. “At a time when most companies are building commodity scanning technology, StackRox has focused its sophisticated team on solving the problem of continuous detection in containerized environments. The innovation of its Rox Engine in identifying adversarial intent and stopping attacks early in their life cycle will enable companies to reap the benefits of containerized development while protecting the business.”

New sales and marketing executives

To drive acceleration of its go-to-market initiatives, StackRox has grown its leadership ranks in sales and marketing. TJ Cooley, a seasoned enterprise sales executive who has served in senior positions at Tanium, VMware and Citrix, has joined as Vice President of Sales. Michelle McLean, who has held senior marketing roles at ScaleArc, Silver Spring Networks, ConSentry Networks, Peribit Networks, and Trapeze Networks, as well as serving as an analyst at META Group, joins StackRox as the company’s first vice president of marketing.

“TJ and Michelle bring deep experience, energy and industry insights to the entire StackRox community,” commented Bhalotra. “They are already making great contributions to our team and will be integral to our next phase of growth.”

Product updates

Headed into the industry’s largest trade show, the RSA Conference, next week, StackRox is pleased to announce general availability of its Prevent product. Prevent enables security teams to apply centralized governance over their organizations’ container deployments, inventorying and stack-ranking the risk of those environments. The company is also announcing an updated version of its flagship Detect and Respond solution, with faster performance, increased scalability, and improved detection capabilities.

 

StackRox will be highlighting the power of these pioneering solutions and its Adversarial Intent Model during its Innovation Sandbox Top 10 Finalist presentation on April 16, 2018, along with many other public presentations.

 

About StackRox

StackRox helps enterprises secure their containerized, cloud-native applications at scale. StackRox enables security teams to centralize container deployment governance, visualize the container attack surface, and expose and stop malicious activity. The StackRox architecture combines distributed collection with centralized correlation and machine learning and takes protective actions to limit attacks and disrupt them in real time. StackRox is the container security choice of Global 2000 enterprises and government agencies. StackRox is privately held and headquartered in Mountain View, Calif. To learn more, visit www.stackrox.com and follow us on Facebook, LinkedIn and Twitter.

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Diversity: It's About Inclusion
Kelly Jackson Higgins, Executive Editor at Dark Reading,  4/25/2018
Coviello: Modern Security Threats are 'Less About the Techniques'
Kelly Sheridan, Staff Editor, Dark Reading,  4/24/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.