Red Hat acquires StackRox, a Kubernetes security startup

Get a free Techzine subscription!

Red Hat announced its first acquisition of the year on Thursday, saying that it plans to acquire StackRox, a container and Kubernetes threat detection outfit. The plan for Red Hat is to integrate StackRox’s security tools into its OpenShift platform.

The goal is to make the container workloads more secure. OpenShift is the Kubernetes container orchestration software developed by Red Hat. Containers are useful because they are portable, self-contained and with Kubernetes, it is easy to manage large deployments of them.

StackRox was founded in 2014 and sells a cloud-based platform that gives users continuous enhanced threat detection for cloud-native apps.

Covering the entire container lifecycle

The platform is designed to help enterprises ensure security in their containers and Kubernetes environments at scale. It also helps them detect and respond to threats. One of the major capabilities is that it helps security and DevOps teams enforce security and compliance policies, across the container’s lifecycle.

The coverage starts from when the container is built, to when it is deployed, to runtime.

The StackRox platform also gives users visibility into Kubernetes clusters through the deployment of components that enforce policy and data collection, into the infrastructure. Red Hat says that acquiring StackRox will make cloud-native workloads secure through the expansion and refinement of Kubernetes controls.

Related: Red Hat feels unbeatable with OpenShift under the wing of IBM

Security at every step

Red Hat CEO, Paul Cormier, says that securing Kubernetes workloads and infrastructure cannot be left to chance. Security must be integrated into every part of the process.

He continued to add that Red Hat’s addition of StackRox’s Kubernetes-native capabilities, will make it easy to deliver product-ready open innovation to all organizations on the open hybrid cloud.

IT analyst Charles King said that StackRox’s most important capabilities are contained in its policy engine, embedded with Kubernetes clusters to ensure the best practices in security and configuration.