Cloud

4/10/2018
11:19 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Container Security Pioneer StackRox Secures $25 Million in Series B Funding

Top-Tier VC Investments Enable the Leader in Security for Containerized Cloud-Native Applications to Advance Development, Sales and Marketing Efforts

MOUNTAIN VIEW, Calif. — April 10, 2018 StackRox, the leader in security for containerized cloud-native applications, announced today that it has secured $25 million in Series B funding. This funding round is being led by Redpoint Ventures and includes follow-on investments from Sequoia Capital and Amplify Partners. StackRox delivers the industry’s only solution that offers continuous detection for applications running on container technologies, including Docker and Kubernetes. Proceeds from the investment will be used to accelerate the company’s product development and release schedule and to support expanded go-to-market programs, including the hiring of new sales and marketing executives to facilitate the company’s next stage of growth.

Designed to help enterprises running containerized applications with governance, detection, and response to security threats, StackRox software secures containerized applications from deployment to runtime. It enables security teams to apply and manage policies, and the software leverages the power and flexibility of the Rox Engine to automatically detect and correlate threat behavior. StackRox monitors events over time and applies its Adversarial Intent Model to “connect the dots,” alert IT organizations of potential threats across the attack life cycle, and take action to stop and contain attacks.

Built with DevOps and cloud computing environments in mind, the StackRox security architecture combines distributed collection and centralized event correlation as well as analysis with machine learning to identify and stop malicious activity. It includes:

  • StackRox Prevent – to minimize the attack surface, centralize governance, and rank-order risks for container environments
  • StackRox Detect and Respond – to monitor activities in runtime, pinpoint attack tactics, and disrupt and stop attacks

Sameer Bhalotra, StackRox CEO and former Senior Director for Cybersecurity at the White House, and Ali Golshan, StackRox CTO and former co-founder and CTO of Cyphort, formed StackRox together. They created the company to secure high-velocity, distributed container environments that cannot be protected with traditional enterprise security solutions.

StackRox collaborates with a number of research and governmental organizations to more deeply understand the attack surface containerized environments present. StackRox counts Google as one of its key partners, and customers already using the StackRox platform include City National Bank, the U.S. Department of Homeland Security, other government agencies, and Global 2000 companies in the finance, media and technology sectors.

New venture partner

Redpoint Ventures has deep expertise in recognizing seed, early- and growth-stage startups that are poised to create new markets or redefine existing ones. Redpoint’s partnership with the founders of StackRox builds on the firm’s early investments in next-generation developer infrastructure and tooling, as well as its ongoing partnership with the Cloud Native Computing Foundation, exemplifying Redpoint’s vision for support of enabling development technologies with complementary security technologies.

“Along with enabling this new developer landscape, we recognized the criticality of securing it,” said Tomasz Tunguz, general partner at Redpoint Ventures. “At a time when most companies are building commodity scanning technology, StackRox has focused its sophisticated team on solving the problem of continuous detection in containerized environments. The innovation of its Rox Engine in identifying adversarial intent and stopping attacks early in their life cycle will enable companies to reap the benefits of containerized development while protecting the business.”

New sales and marketing executives

To drive acceleration of its go-to-market initiatives, StackRox has grown its leadership ranks in sales and marketing. TJ Cooley, a seasoned enterprise sales executive who has served in senior positions at Tanium, VMware and Citrix, has joined as Vice President of Sales. Michelle McLean, who has held senior marketing roles at ScaleArc, Silver Spring Networks, ConSentry Networks, Peribit Networks, and Trapeze Networks, as well as serving as an analyst at META Group, joins StackRox as the company’s first vice president of marketing.

“TJ and Michelle bring deep experience, energy and industry insights to the entire StackRox community,” commented Bhalotra. “They are already making great contributions to our team and will be integral to our next phase of growth.”

Product updates

Headed into the industry’s largest trade show, the RSA Conference, next week, StackRox is pleased to announce general availability of its Prevent product. Prevent enables security teams to apply centralized governance over their organizations’ container deployments, inventorying and stack-ranking the risk of those environments. The company is also announcing an updated version of its flagship Detect and Respond solution, with faster performance, increased scalability, and improved detection capabilities.

 

StackRox will be highlighting the power of these pioneering solutions and its Adversarial Intent Model during its Innovation Sandbox Top 10 Finalist presentation on April 16, 2018, along with many other public presentations.

 

About StackRox

StackRox helps enterprises secure their containerized, cloud-native applications at scale. StackRox enables security teams to centralize container deployment governance, visualize the container attack surface, and expose and stop malicious activity. The StackRox architecture combines distributed collection with centralized correlation and machine learning and takes protective actions to limit attacks and disrupt them in real time. StackRox is the container security choice of Global 2000 enterprises and government agencies. StackRox is privately held and headquartered in Mountain View, Calif. To learn more, visit www.stackrox.com and follow us on Facebook, LinkedIn and Twitter.

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Crowdsourced vs. Traditional Pen Testing
Alex Haynes, Chief Information Security Officer, CDL,  3/19/2019
New Mirai Version Targets Business IoT Devices
Dark Reading Staff 3/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Reading Schneier's Friday Squid Blog again?
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6149
PUBLISHED: 2019-03-18
An unquoted search path vulnerability was identified in Lenovo Dynamic Power Reduction Utility prior to version 2.2.2.0 that could allow a malicious user with local access to execute code with administrative privileges.
CVE-2018-15509
PUBLISHED: 2019-03-18
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).
CVE-2018-20806
PUBLISHED: 2019-03-17
Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).
CVE-2019-5616
PUBLISHED: 2019-03-15
CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser.
CVE-2018-17882
PUBLISHED: 2019-03-15
An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user.