November 13, 2018

#KubeCon 2018 Q&A: StackRox Will Showcase Containers and Kubernetes Security and Multi-Factor Risk Profiling and Enforcement at Booth S62 Share

Written by

Are you attending KubeCon 2018 in Seattle in December?  If so, I invite you to add StackRox to your MUST SEE list of vendors. 

KubeCon 2018 is shaping up to be a fantastic event!  And the number of sponsoring vendors at this year's show is impressive.  One of the companies on VMblog's MUST SEE list this year is StackRox.  The company is a proven leader in security for containerized, cloud-native applications.  StackRox is unique in that it leverages run-time data to proactively identify security risks earlier in the container life cycle and protects against key orchestrator-based threats; and, they seamlessly reduce the attack surface throughout the container lifecycle to provide customers with an unmatched level of security against emerging container-based threats.

Read this exclusive pre-show interview between VMblog and StackRox to learn what they have planned for the upcoming KubeCon North America 2018 event and why you need to visit their booth.

 

VMblog:  As a KubeCon 2018 sponsor, how can people find you at the show?  And what's interesting or unique about your booth?

StackRox:  We're in Booth S62, and we're going to have a lot going on. We've got the StackRox Prize Wheel back in action - it's always a huge draw, and everyone's a winner! We're also entering folks in our drawing for Ring Video Doorbells - we'll be giving away 20 of these! Our RoxStar team will be sharing great insights on how our customers are securing their containers and Kubernetes environments.

VMblog:  If an attendee likes what they see and hear at your booth... what message about your product can you send them back with to sell their boss on your technology?

StackRox:  StackRox is the only container security platform that makes security for containers and Kubernetes part of the DevOps infrastructure and workflow. We provide context across your full deployment - not just your image - so you know whether a given container is running in test vs. prod, is open to the Internet, or is part of a critical application like your payment card app. That rich context enables us to provide you a stack-ranked list of your riskiest deployments, using far more than vulnerability information. Our platform is also tightly integrated with Kubernetes, so the Security and DevOps teams are using the same infrastructure for network policy enforcement. That integration means Security and DevOps work together. Plus, we apply the CI/CD methodology of a feedback loop to give you an ever-shrinking attack surface, leveraging runtime data to further harden your infrastructure. 

VMblog:  What are some of the reasons why you believe a KubeCon attendee should add you to their MUST SEE list?

StackRox:  We're the only security platform that secures and leverages Kubernetes as a central aspect of our architecture. You get the power of the Kubernetes community improving your network policy enforcement technology, and we make it possible to visualize, simulate, and gain recommendations on your Kubernetes network policies.

VMblog:  Have you sponsored KubeCon before?  If not, what about this event grabbed your attention?

StackRox:  This KubeCon will be our first - we're attracted to the event because we find that the organizations that are deep into Kubernetes are best positioned to need and understand the unique Kubernetes security features we bring to the table. Deep familiarity with concepts such as Kubernetes deployments, network policies, and role-based access control - and how to leverage those capabilities to strengthen your security posture - makes for great conversation.

VMblog:  Can you give VMblog readers a sneak peek as to what you will be showing off at your booth?  What should attendees expect to see and hear at your booth?

StackRox:  We'll be showcasing how we use deep integration with Kubernetes and the context of Kubernetes deployments to create multi-factor risk profiling and better enforcement. Amongst the container security and Kubernetes security measures we'll be demoing are how to:

  • prevent the crypto-mining attack that Tesla suffered on AWS
  • find newly discovered vulnerabilities and where they're running in your live environments
  • identify an attacker loading nmap to scan for vulnerabilities or launch DoS attacks
  • pinpoint abnormal secrets being used
  • highlight Internet-facing communications channels that leave privileged assets exposed

VMblog:  Thinking about your company, give readers a few reasons why your product or service is considered unique. 

StackRox:  A solid handful of companies are working to provide container security across the full life cycle of build, deploy, and run. StackRox is unique in three ways.

1.    We provide rich context based on broad set of data points pulled from the Kubernetes deployment to make prevention and detection better

2.    We integrate deeply with Kubernetes to leverage its native controls, giving you better enforcement by tapping into the collective innovation of the community and keeping DevOps and Security aligned

3.    We enable an ever-shrinking attack surface by using our own continuous feedback loop, leveraging build and deploy data to improve detection and pulling the findings from detection back into the build and deploy phases to improve risk profiling

Simply put, deep integration with DevOps tooling and processes leads to better security for your applications.

VMblog:  How does your company and product fit within the container or cloud ecosystem?

StackRox:  The StackRox Container Security Platform deploys as a container and provides hardening of containers and Kubernetes to reduce the attack the surface. Our software deploys wherever you're running containers - on prem or in the cloud - and we tie into the broader DevOps tooling such as CI/CD tools, registries, Kubernetes, secrets management systems, and managed cloud services.

VMblog:  What are you looking forward to most at this year's event?

StackRox:  Great conversations with brilliant DevOps teams building amazing software leveraging the power of Kubernetes.

VMblog:  What would you say to prospective attendees who are thinking about attending KubeCon but aren't sure if it's worth it or not?

StackRox:  The world is converging on Kubernetes. If you want to be at the center of next-gen app development, this is your world, and the sooner you master this technology, the more value you'll deliver.

VMblog:  What do you think we need to do collectively as an ecosystem to strengthen the industry?

StackRox:  Bring more women and people of color into the software development world. A more diverse collection of people will bring a more innovative set of solutions to market and improve the lives of people all over the world. Our creativity and breadth of thinking can only enlarge as we make this tent bigger.

VMblog:  What do you hope to come away with from exhibiting at KubeCon?  What does event success look like to you?

StackRox:  Success comes from a combination of increasing awareness of StackRox as a company and in sharing the details of how we improve security with people embarking on container security and Kubernetes security projects.

VMblog:  Do you have any tips for first time attendees that you'd like to share?

StackRox:  Bring two pairs of shoes - alternate them on different days to give your feet a break.

VMblog:  Attendees always enjoy a good trade show tchotchke.  Are you guys giving away anything special or interesting this year?

StackRox:  Our prize wheel, where everyone's a winner, includes fun give-aways like fidget cubes, carabiners, camera covers, and light-up reusable ice cubes. We're also entering people to win 20 Ring video doorbells - so head over to our booth and make sure you're entered!

VMblog:  Does your company have any speaking sessions during the show?  If so, can you give us the who, what, when and where? 

StackRox:  Our session topics on Kubernetes security and multi-cluster management weren't accepted this year - we intend to host webinars to share our learnings.

VMblog:  Are you guys throwing or involved with any type of party during the event?  Can you share the details? 

StackRox:  We're hosting an executive dinner Monday night - senior IT staff interested in discussing best practices for Kubernetes security can send us a note at This email address is being protected from spambots. You need JavaScript enabled to view it. to request an invitation.

David Marshall

David Marshall has been involved in the technology industry for over 19 years, and he's been working with virtualization software since 1999. He was able to become an industry expert in virtualization by becoming a pioneer in that field - one of the few people in the industry allowed to work with Alpha stage server virtualization software from industry leaders: VMware (ESX Server), Connectix and Microsoft (Virtual Server).

Through the years, he has invented, marketed and helped launch a number of successful virtualization software companies and products. David holds a BS degree in Finance, an Information Technology Certification, and a number of vendor certifications from Microsoft, CompTia and others. He's also co-authored two published books: "VMware ESX Essentials in the Virtual Data Center" and "Advanced Server Virtualization: VMware and Microsoft Platforms in the Virtual Data Center" and acted as technical editor for two popular Virtualization "For Dummies" books. With his remaining spare time, David founded and operates one of the oldest independent virtualization news blogs, VMblog.com. And co-founded CloudCow.com, a publication dedicated to Cloud Computing. Starting in 2009 and continuing all the way to 2016, David has been honored with the vExpert distinction by VMware for his virtualization evangelism.

Sponsors

logo anaconda 600

logo binaras 600

logo chef 600

logo hedvig 600

logo kublr 600

 logo lacework 600

 logo platform9 600

 logo pulumi 600

 logo rancher stacked 600

 logo snaproute 600

 logo stackrox 600

 logo sysdig 600

Latest Videos