At Kubecon 2021, Red Hat announced the creation of the StackRox community. This community will make the code of StackRox open source and continue to manage it.
StackRox is a company that specialises in threat detection for containers and Kubernetes. The company does this on a cloud-based platform. Red Hat acquired StackRox in February with the aim of integrating the company’s services into its own offering.
StackRox’s services, unlike those of Red Hat, were closed source in nature. Since the takeover, Red Hat has therefore been busy investigating how StackRox software can be made open source. Red Hat believes that an open development model ensures more secure, stable and innovative technologies.
Security for Kubernetes applications
Red Hat sees security as a critical need for organisations building and running Kubernetes applications and expects the StackRox community to provide an open source project that gives users more choice about how they protect their Kubernetes environments. The software should be deployable at various points in the application lifecycle, including visibility, vulnerability management, configuration management, network segmentation, compliance, threat detection, incident response and risk profiling. Red Hat will also contribute to the project.
Advanced Cluster Security
The StackRox project will be the code behind Red Hat’s Advanced Cluster Security for Kubernetes. This software should provide Red Hat OpenShift customers and supported Kubernetes services with native security. The StackRox community will also work on the development of KubeLinter, an open source project released in October 2020. KubeLinter is a tool that allows developers to check Kubernetes YAML files and Helm charts for configuration issues.
Red Hat invites all interested parties to see if they want to participate in the project. More information can be found at stackrox.io.