Red Hat buys Kubernetes security startup StackRox
Red Hat said it wants to integrate StackRox’s security tools with its OpenShift platform to make container workloads more secure. OpenShift is Red Hat’s version of the Kubernetes container orchestration software. Containers are portable, self-contained software environments, and Kubernetes is used to manage large deployments of them.
Founded in 2014, StackRox sells a cloud-based platform that offers continuous advanced threat detection for cloud-native applications, containers, serverless computing and Kubernetes. It’s designed to help enterprises secure their containers and Kubernetes environments at scale, and assists users in both detecting and responding to security threats. One of its key capabilities is that it helps security and DevOps teams to enforce their security and compliance policies across the entire container lifecycle from building to deploying to runtime.
The StackRox platform provides visibility into Kubernetes clusters by deploying components for policy enforcement and data collection directly into the infrastructure.
Red Hat said buying StackRox will help it to make cloud-native workloads more secure by expanding and refining Kubernetes’ controls and shifting security into the container building and continuous integration/continuous development pipeline.
“Securing Kubernetes workloads and infrastructure cannot be done in a piecemeal manner; security must be an integrated part of every deployment, not an afterthought,” Red Hat Chief Executive Paul Cormier said in a prepared statement. “Red Hat adds StackRox’s Kubernetes-native capabilities to OpenShift’s layered security approach, furthering our mission to bring product-ready open innovation to every organization across the open hybrid cloud across IT footprints.”
Pund-IT Inc. analyst Charles King said one of StackRox’s most important capabilities is its policy engine, which is embedded with Kubernetes clusters to enforce security best practices and configuration management.
“It should complement OpenShift’s layered approach to security and enhance Red Hat’s container solutions and services too,” King said. “Since the increasing number of cyber-attacks and data breaches that we saw in 2020 has placed security front and center for many enterprises, the acquisition seems especially timely.”
StackRox CEO Kamal Shah said the acquisition proves that his company’s strategic decision to focus exclusively on Kubernetes security has paid off. “While this seems obvious today, it wasn’t so then,” he wrote in a blog post. “Fast forward to 2020 and Kubernetes has emerged as the de facto operating system for cloud-native applications and hybrid cloud environments.”
The acquisition, and more importantly the resources of Red Hat, will help StackRox to grow and fulfill its roadmap more quickly, Shah said.
Ashesh Badani, senior vice president of Cloud Platforms at Red Hat, said in another blog post the company plans to open-source StackRox’s technology once the acquisition closes, in line with its wider open-source strategy. And he reassured StackRox’s customers that it will continue to support other Kubernetes platforms besides OpenShift, such as Amazon Elastic Kubernetes Service, Microsoft Azure Kubernetes Service and Google Kubernetes Engine.
Red Hat will also throw its weight behind the open-source KubeLinter community that’s led by StackRox.
Holger Mueller, an analyst with Constellation Research Inc., told SiliconANGLE that security is becoming more and more critical as the Kubernetes ecosystem matures.
“It makes sense for RedHat to bolster its security capabilities with StackRox and provide users with better overall container management capabilities,” Mueller said. “Importantly, StackRox works across all of the major cloud platforms, so it should be easy for RedHat and IBM to bring its services live rapidly.”
The price of the acquisition was not disclosed.
Image: Red Hat
Since you’re here …
Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!
Support our mission: >>>>>> SUBSCRIBE NOW >>>>>> to our YouTube channel.
… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.