In terms of money, Red Hat buying StackRox probably isn’t that big a deal. Sources say it was just above $100 million. Big money to you and me, but peanuts for big tech companies. But, when it comes to securing Kubernetes, this is an enormous deal not just for Red Hat and its in-house Kubernetes distro, OpenShift, but for all Kubernetes distros and services.
That’s because StackRox’s software does an exceptional job of providing visibility across Kubernetes clusters by deploying components for enforcement and data collection directly into the Kubernetes cluster infrastructure. StackRox also provides a policy engine that includes hundreds of built-in controls to enforce security best practices, industry standards, and configuration management.
With StackRox, Red Hat said it would focus on improving security for cloud-native workloads by expanding and refining Kubernetes’ native controls, and shifting security into the container build and CI/CD phase.
Best of all, Red Hat will be open-sourcing StackRox’s technology. In addition to OpenShift, StackRox will continue to support multiple Kubernetes platforms, including Amazon Elastic Kubernetes Service, Microsoft Azure Kubernetes Service, and Google Kubernetes Engine.
Red Hat is also expected to integrate StackRox’s security measures with its container registry Quay. This will enable you to ensure security in your application pipelines, including your existing container image scanning and continuous integration, continuous delivery, and continuous deployment (CI/CD) programs.
Red Hat will also be getting KubeLinter, StackRox’s newly open-sourced lint-style analysis program for Kubernetes YAML files and Helm charts. This will also prove very useful for both securing and cleaning up cloud-native programs.
After all, as Red Hat CEO Paul Cormier said, “Securing Kubernetes workloads and infrastructure cannot be done in a piecemeal manner; security must be an integrated part of every deployment, not an afterthought. Red Hat adds StackRox’s Kubernetes-native capabilities to OpenShift’s layered security approach, furthering our mission to bring product-ready open innovation to every organization across the open hybrid cloud across IT footprints.”
Ashesh Badani Red Hat’s senior VP of Cloud Platforms, added after the deal was completed that:
Over the past several years we have paid close attention to how our customers are securing their workloads, as well as the growing importance of GitOps to organizations. Both of these have reinforced how critically important it is for security to “shift left” – integrated within every part of the development and deployment lifecycle and not treated as an afterthought. With StackRox, we will be working to add security into container build and CI/CD processes. This helps to more efficiently identify and address issues earlier in the development cycle while providing more cohesive security up and down the entire IT stack and throughout the application lifecycle.
It’s not just Red Hat that thinks well of this acquisition. 451 Research likes it too. “For those looking to secure complex environments, they need more than security features alone — there’s a need for visibility across many environments, compliance management, threat detection, incident response, and much more,” it said. That’s exactly what StackRox software offerings will give Red Hat and other companies’ Kubernetes-based hybrid-clouds and programs.