Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?


Application Security

Red Hat Open-Sourcing StackRox Security Technology

Red Hat this week announced that it’s taking the first steps towards open-sourcing the StackRox container security product for Kubernetes.

Red Hat this week announced that it’s taking the first steps towards open-sourcing the StackRox container security product for Kubernetes.

Announced only months after Red Hat bought StackRox, the new StackRox community project follows the organization’s business model of providing open source enterprise solutions.

The upstream project will “work to open source and manage the code that powers Red Hat Advanced Cluster Security for Kubernetes,” which offers Kubernetes-native security for all those using Red Hat OpenShift, and to various public cloud Kubernetes services.

Open-sourcing StackRox is expected to provide a wider set of choices to users looking to keep Kubernetes environments protected, and should also drive further product developments.

“Once up and running, the StackRox project will enable users to address major security use cases across the application lifecycle, including visibility, vulnerability management, configuration management, network segmentation, compliance, threat detection and incident response, as well as risk profiling,” Red Hat says.

Furthermore, Red Hat says it will contribute to open source projects that StackRox software takes advantage of and actively engage with those communities.

The StackRox community will also encompass static analysis tool KubeLinter, which was open-sourced in October 2020 and which helps identify misconfigurations, as well as enforce security best practices.

Advertisement. Scroll to continue reading.

Related: Cisco Acquires Kubernetes-Native Security Platform Portshift

Related: VMware to Acquire Kubernetes Security Firm Octarine

Related: Google Adds GKE Open-Source Dependencies to Vulnerability Rewards Program

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Application Security

While there are many routes to application security, bundles that allow security teams to quickly and easily secure applications and affect security posture in...