UPDATED 08:00 EDT / JANUARY 23 2019

StackRox shores up Kubernetes container security

Container security company StackRox Inc. is updating its threat-detection platform with new capabilities designed to safeguard Kubernetes deployments.

StackRox has gotten some serious attention in recent months thanks to its cloud-based platform that provides continuous advanced threat detection for technologies such as Docker Swarm and Kubernetes, which are used to manage software containers. The platform gives security teams the ability to apply and control policies across container-based apps, automatically correlate and detect different classes of threat behavior and monitor events over time to spot any potential new threats.

Deployed as a set of containers using Kubernetes YAML files or Helm charts, the StackRox platform supports all Kubernetes deployment modes, including self-managed clusters and managed services such as Amazon EKS, Azure AKS and Google GKE. It also supports most common Kubernetes distributions, such as Red Hat OpenShift and Docker Enterprise Edition.

Last year the startup landed a not-insignificant $25 million Series B funding round to build out its platform and accelerate its product development.

Today the company seems to be announcing the fruits of that labor. In its update, StackRox said the new enhancements are designed to address “intercontainer communication,” which needs to be monitored more closely in order to detect vulnerabilities.

Perhaps the biggest change is that visibility into Kubernetes containers is now centered on actual deployments rather than individual images. This increased visibility enables DevOps and security teams to visualize all of their deployments across clusters and namespaces. That should help to ensure that policies can be managed more easily and that misconfigurations can be addressed in a more efficient manner, the company said.

StackRox is also offering a new feature called Multi-Factor Risk Profiling that provides more clarity around Kubernetes clusters, their labels and annotations, network reachability and privileges. The idea is to prioritize the risks associated with individual Kubernetes deployments more accurately.

Lastly, the company is introducing new network policy enforcement capabilities based around a network graph, policy recommendation engine and policy simulator. The feature enables more efficient network segmentation that in turn helps security teams to discover unnecessary communications between containers, the company said. The policy recommendation engine enables these to be disabled as required, while the simulator provides a way for developers to preview new network policies and confirm their accuracy before they’re applied to production deployments.

“As Kubernetes continues its astonishing pace of adoption as the orchestrator of choice for cloud-native environments, it becomes an increasingly attractive target for attackers,” said Wei Lien Dang, StackRox’s vice president of product.

StackRox said the new capabilities have been added to the current release of the StackRox Container Security Platform.
