
10/9/2020
12:25 PM
Dark Reading
Products and Releases

StackRox and Robin.io Partner to Deliver Hardened Security, Compliance and Data Management for Stateful Applications on Kubernetes

StackRox Kubernetes Security Platform now available as a Robin.io enterprise application bundle

MOUNTAIN VIEW, Calif. – October 7, 2020 – StackRox, the leader in container and Kubernetes security, and Robin.io, the leader in Kubernetes data management, today announced a new partnership bringing together Robin’s application-focused approach to Kubernetes data management with StackRox’s industry-only Kubernetes-native security and compliance capabilities. Robin customers now have access to the StackRox Kubernetes Security Platform as a Robin application bundle, enabling easy, one-click deployment of container security to protect cloud-native applications across the full application life cycle — build, deploy, and runtime — in Robin-orchestrated Kubernetes environments.

The StackRox application bundle provides a simplified way to define and enforce security and compliance policies across enterprise Robin Cloud-Native Platform deployments for an added layer of visibility and control. Driven by joint customer demand, the companies undertook this development work, and Robin has tested and certified integration with the StackRox Kubernetes Security Platform. With its Kubernetes-native architecture, StackRox enables organizations to operationalize security, lower operational risk, and reduce costs. Tapping StackRox to enhance DevSecOps practices and support security-as-code is critically important for teams using Robin to manage sensitive data for stateful applications on Kubernetes as these deployments become increasingly complex and vulnerable at scale.

“Deploying and scaling mission-critical applications on Kubernetes creates the need for automation and data management, and increases the attack surface,” said Ankur Desai, director of product, Robin.io. “We are seeing this dynamic especially play out with customers using Kubernetes to support commercial 5G rollouts and other large-scale deployments, where securing Day 2 operations is of the utmost importance. StackRox helps automate security and compliance for these systems and provides a crucial level of hardening to protect critical cloud-native assets and data.”

Robin customers running both stateful and stateless applications will benefit from the full range of Kubernetes security and compliance use cases that StackRox supports, including:

  • Visibility into cloud-native applications, including all images, container registries, Kubernetes deployment configurations, container runtime behavior, and more.
  • Vulnerability Management to identify vulnerabilities in images, containers, Kubernetes, and running deployments and prevent non-compliant builds.
  • Compliance providing continuous and on-demand checks on controls to meet CIS Benchmarks, NIST 800-190 and 800-53, SOC 2, PCI, and HIPAA.
  • Configuration Management to identify misconfigurations across images, containers, clusters, Kubernetes, and network policies, to prevent accidental misconfigurations that put application performance and security at risk.
  • Network Segmentation tapping the power of Kubernetes and Istio to enforce network policies. Visualize existing policies, simulate new ones, generate updated YAML files, and apply them directly to Kubernetes.
  • Risk Profiling leveraging Kubernetes deployment details to assess risk across entire environments and stack-rank assets to focus remediation efforts.
  • Threat Detection combining rules, whitelists, baselines, and behavioral modeling to identify threats at runtime in container environments.
  • Incident Response taking automated actions such as killing and restarting pods via Kubernetes to shut down attacks.

“Robin adds an application-centric control plane on top of Kubernetes to help enterprises manage the more complicated aspects of running modern, containerized applications. In much the same way, StackRox adds a Kubernetes-native layer of security to enforce policies that ensure risks, vulnerabilities and non-compliant assets will not create Day 2 operational challenges for these businesses,” said Hillary Benson, Head of Product, StackRox. “The combined value that StackRox and Robin deliver to enterprises that rely on secure Kubernetes data management capabilities, particularly those in the telecommunications and financial services sectors, will significantly improve their ability to scale advanced technologies, such as 5G, confidently and securely.”

To learn more about how the combination of Robin and StackRox can help simplify the deployment and security of containerized applications, tune into the companies’ joint webinar on October 22 at 10:00 am PDT. To request a StackRox demo for your own organization, please visit https://www.stackrox.com/request-demo/.

About StackRox

StackRox helps enterprises secure their containers and Kubernetes environments at scale. StackRox delivers the industry’s first and only Kubernetes-native container security platform that enables security and DevOps teams to enforce their security and compliance policies across the entire container life cycle, from build to deploy to runtime. The StackRox Kubernetes Security Platform integrates with existing DevOps and security tools, enabling teams to quickly operationalize container and Kubernetes security. StackRox customers span cloud-native companies, Global 2000 enterprises, and government agencies. StackRox is privately held and headquartered in Mountain View, California. To learn more, visit www.stackrox.com and follow us on Facebook, LinkedIn and Twitter.

About Robin.io

Robin.io provides an application and data management platform that enables enterprises and 5G service providers to deliver complex application pipelines as a service. Built on industry-standard Kubernetes, the Robin Cloud Native Platform allows developers and platform engineers to rapidly deploy and easily manage data- and network-centric applications — including big data, NoSQL and 5G — independent of underlying infrastructure resources. The Robin platform is used globally by companies including BNP Paribas, Palo Alto Networks, Rakuten Mobile, SAP, Sabre and USAA. Robin.io is headquartered in Silicon Valley, California. More at www.robin.io and Twitter: @robin4K8S. 

 
