Security Experts:

Connect with us

Hi, what are you looking for?


Cloud Security

Red Hat Buys Container Security Firm StackRox

Red Hat on Thursday snapped up container and Kubernetes security startup StackRox, a deal that speeds up its ambitions in the enterprise cloud market.

Financial terms of the deal were not announced.

Red Hat on Thursday snapped up container and Kubernetes security startup StackRox, a deal that speeds up its ambitions in the enterprise cloud market.

Financial terms of the deal were not announced.

StackRox, based in Mountain View, Calif., raised about $65 million from a range of investors, including Menlo Ventures, Highland Capital Partners, Hewlett-Packard Enterprise, Sequoia Capital and Redpoint Ventures.

StackRox Logo

The company is considered an innovator in powerful Kubernetes-native security capabilities and the deal will bring a strong technology and personnel base to drive IBM-owned Red Hat’s enterprise Kubernetes platform.

The open-source Red Hat, which provides enterprise Linux, cloud, container, and Kubernetes technologies, is already a major player with its Red Hat OpenShift platform.

StackRox has developed a Kubernetes-native container security platform designed to help both security and DevOps teams enforce security and compliance policies. The platform can be integrated with existing tools. The company says it achieved a revenue growth of over 240% in the first half of 2020.

Kubernetes, one of the fastest growing open source projects, is the foundation of cloud-native applications.

“Container security is Linux security,” Red Hat said in a statement announcing the StackRox transaction.  “With this acquisition, Red Hat will further expand its security leadership, adding StackRox’s complementary capabilities to strengthen integrated security across its open hybrid cloud portfolio with greater simplicity and consistency,” the company said.

[ RELATED: StackRox Raises $26.5 million ]

“With StackRox, Red Hat will focus on transforming how cloud-native workloads are secured by expanding and refining Kubernetes’ native controls, as well as shifting security left into the container build and CI/CD phase, to provide a cohesive solution for enhanced security up and down the entire IT stack and throughout the lifecycle.”

Founded in 2014, StackRox shifted its focus over the past two years to focus on Kubernetes security.  The StackRox software provides visibility across all Kubernetes clusters, by directly deploying components for enforcement and deep data collection into the Kubernetes cluster infrastructure, reducing the time and effort needed to implement security, and streamlining security analysis, investigation and remediation.

In addition to Red Hat OpenShift, the companies reiterated that StackRox would continue to support multiple Kubernetes platforms, including Amazon Elastic Kubernetes Service (EKS), Microsoft Azure Kubernetes Service (AKS), and Google Kubernetes Engine (GKE).

Red Hat said it plans to open source StackRox’s technology at a later date and will continue to support the KubeLinter community as well as new communities as Red Hat works to open source StackRox’s offerings. 

IBM acquired Red Hat in July 2019 for $34 billlion in cash to bolster its position in the cloud services market.

Related: Container Security Firm Twistlock Raises $33 Million

Related: Container Security Company Aqua Raises $30 Million

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...