UPDATED 12:00 EDT / OCTOBER 28 2020

StackRox open-sources KubeLinter, a tool to identify configuration errors in Kubernetes

Container security and threat detection startup StackRox Inc. is making its first original contribution to the open-source software community today with the release of a new tool designed to identify misconfigurations in Kubernetes environments.

StackRox, which raised $26.5 million in funding last month, sells a cloud-based platform that offers continuous advanced threat detection for cloud-native applications, containers that host the components of those apps, and Kubernetes, which is an open-source software framework that’s used to manage those containers.

The newly open-sourced static analysis tool StackRox has created is called KubeLinter. It gives developers an easy way to automate the analysis of Kubernetes YAML files and Helm charts before they’re deployed inside a cluster.

In effect, it integrates security-as-code into DevOps and its related processes, helping teams ensure that Kubernetes has been configured correctly according to security best practices, the company said. Further, KubeLinter ensures that hardened security policies are automatically enforced with all Kubernetes applications.

That’s necessary, the company said, because developers frequently alter their Kubernetes configurations as part of the application development process. The problem is that this has to be done manually, and mistakes are often made. As StackRox found in its Fall 2020 State of Container and Kubernetes Security Report, human error causes the majority of security incidents in Kubernetes, with misconfigurations contributing to roughly 67% of cases reported by survey respondents.

“If you’ve spent time crafting Kubernetes YAML files, you know it can be a pretty arduous endeavor as there are so many different objects, so many knobs and dials, so many cross-references to keep track of,” said Viswa Venugopal, StackRox software engineer and the lead developer of KubeLinter. “Further, in most cases, default configurations for Kubernetes objects are geared toward making it easy for users to get their apps up and running quickly, and not for secure, production-ready configurations. KubeLinter is our answer to this problem.”

By making KubeLinter open source, StackRox is hoping that the development community will help accelerate its development, speed up its maturity and increase adoption of the tool.

Kubernetes has proven itself to be the most effective software for managing large deployments of software containers, but like all new technology platforms it comes with a significant usage tax, Constellation Research Inc. analyst Holger Mueller told SiliconANGLE.

“It’s a priority for enterprises to find ways to manage Kubernetes in an easier and more efficient way, so it’s good to see a new offering coming to market that does this,” Mueller said. “We’ll have to wait and see if the KubeLinter offering from StackRox succeeds at that task, or if any alternative offerings will emerge sooner or later.”

StackRox said KubeLinter is available now on GitHub.

Image: pixelcreatures/Pixabay
