VMblog: As a KubeCon 2018 sponsor, how can people find you at the show? And what's interesting or unique about your booth?
StackRox: We're in Booth S62, and we're going to have a lot going on. We've got the StackRox Prize Wheel back in action - it's always a huge draw, and everyone's a winner! We're also entering folks in our drawing for Ring Video Doorbells - we'll be giving away 20 of these! Our RoxStar team will be sharing great insights on how our customers are securing their containers and Kubernetes environments.
VMblog: If an attendee likes what they see and hear at your booth... what message about your product can you send them back with to sell their boss on your technology?
StackRox: StackRox is the only container security platform that makes security for containers and Kubernetes part of the DevOps infrastructure and workflow. We provide context across your full deployment - not just your image - so you know whether a given container is running in test vs. prod, is open to the Internet, or is part of a critical application like your payment card app. That rich context enables us to provide you a stack-ranked list of your riskiest deployments, using far more than vulnerability information. Our platform is also tightly integrated with Kubernetes, so the Security and DevOps teams are using the same infrastructure for network policy enforcement. That integration means Security and DevOps work together. Plus, we apply the CI/CD methodology of a feedback loop to give you an ever-shrinking attack surface, leveraging runtime data to further harden your infrastructure.
VMblog: What are some of the reasons why you believe a KubeCon attendee should add you to their MUST SEE list?
StackRox: We're the only security platform that secures and leverages Kubernetes as a central aspect of our architecture. You get the power of the Kubernetes community improving your network policy enforcement technology, and we make it possible to visualize, simulate, and gain recommendations on your Kubernetes network policies.
VMblog: Have you sponsored KubeCon before? If not, what about this event grabbed your attention?
StackRox: This KubeCon will be our first - we're attracted to the event because we find that the organizations that are deep into Kubernetes are best positioned to need and understand the unique Kubernetes security features we bring to the table. Deep familiarity with concepts such as Kubernetes deployments, network policies, and role-based access control - and how to leverage those capabilities to strengthen your security posture - makes for great conversation.
VMblog: Can you give VMblog readers a sneak peek as to what you will be showing off at your booth? What should attendees expect to see and hear at your booth?
StackRox: We'll be showcasing how we use deep integration with Kubernetes and the context of Kubernetes deployments to create multi-factor risk profiling and better enforcement. Amongst the container security and Kubernetes security measures we'll be demoing are how to:
- prevent the crypto-mining attack that Tesla suffered on AWS
- find newly discovered vulnerabilities and where they're running in your live environments
- identify an attacker loading nmap to scan for vulnerabilities or launch DoS attacks
- pinpoint abnormal secrets being used
- highlight Internet-facing communications channels that leave privileged assets exposed
VMblog: Thinking about your company, give readers a few reasons why your product or service is considered unique.
StackRox: A solid handful of companies are working to provide container security across the full life cycle of build, deploy, and run. StackRox is unique in three ways.
1. We provide rich context based on broad set of data points pulled from the Kubernetes deployment to make prevention and detection better
2. We integrate deeply with Kubernetes to leverage its native controls, giving you better enforcement by tapping into the collective innovation of the community and keeping DevOps and Security aligned
3. We enable an ever-shrinking attack surface by using our own continuous feedback loop, leveraging build and deploy data to improve detection and pulling the findings from detection back into the build and deploy phases to improve risk profiling
Simply put, deep integration with DevOps tooling and processes leads to better security for your applications.
VMblog: How does your company and product fit within the container or cloud ecosystem?
StackRox: The StackRox Container Security Platform deploys as a container and provides hardening of containers and Kubernetes to reduce the attack the surface. Our software deploys wherever you're running containers - on prem or in the cloud - and we tie into the broader DevOps tooling such as CI/CD tools, registries, Kubernetes, secrets management systems, and managed cloud services.
VMblog: What are you looking forward to most at this year's event?
StackRox: Great conversations with brilliant DevOps teams building amazing software leveraging the power of Kubernetes.
VMblog: What would you say to prospective attendees who are thinking about attending KubeCon but aren't sure if it's worth it or not?
StackRox: The world is converging on Kubernetes. If you want to be at the center of next-gen app development, this is your world, and the sooner you master this technology, the more value you'll deliver.
VMblog: What do you think we need to do collectively as an ecosystem to strengthen the industry?
StackRox: Bring more women and people of color into the software development world. A more diverse collection of people will bring a more innovative set of solutions to market and improve the lives of people all over the world. Our creativity and breadth of thinking can only enlarge as we make this tent bigger.
VMblog: What do you hope to come away with from exhibiting at KubeCon? What does event success look like to you?
StackRox: Success comes from a combination of increasing awareness of StackRox as a company and in sharing the details of how we improve security with people embarking on container security and Kubernetes security projects.
VMblog: Do you have any tips for first time attendees that you'd like to share?
StackRox: Bring two pairs of shoes - alternate them on different days to give your feet a break.
VMblog: Attendees always enjoy a good trade show tchotchke. Are you guys giving away anything special or interesting this year?
StackRox: Our prize wheel, where everyone's a winner, includes fun give-aways like fidget cubes, carabiners, camera covers, and light-up reusable ice cubes. We're also entering people to win 20 Ring video doorbells - so head over to our booth and make sure you're entered!
VMblog: Does your company have any speaking sessions during the show? If so, can you give us the who, what, when and where?
StackRox: Our session topics on Kubernetes security and multi-cluster management weren't accepted this year - we intend to host webinars to share our learnings.
VMblog: Are you guys throwing or involved with any type of party during the event? Can you share the details?