StackRox delivers container and Kubernetes security to US Air Force

Tech Intelligence Bulletin (HG Insights) – StackRox has received a Phase II award to deploy the StackRox Kubernetes Security Platform to secure software containers and Kubernetes applications inside the US Air Force (USAF) and Department of Defense (DoD).

Under the Phase II award, StackRox will build on the work it completed in Phase I, supporting DevOps and DevSecOps initiatives for Platform One, an official DoD DevSecOps Enterprise Services team, as well as software factories throughout the USAF and DoD. Platform One will leverage the StackRox Kubernetes Security Platform to enhance warfighters’ ability to rapidly create and deploy software applications in a secure, flexible, and interoperable manner.

“Urgent need to secure software containers”

“There is an urgent need to secure software containers and Kubernetes using automated and portable processes so that software factories within the DoD, like Platform One, can adopt development practices that substantially decrease the time needed to create and deploy secure software applications,” said Branden Wood, director of federal business for StackRox. “StackRox is honored to participate in the mission-critical work of software developers in the USAF and DoD as we work together to achieve more secure and performant applications, infrastructure, and processes.”

Kubernetes security and compliance

The award will enable StackRox to deliver its commercial Kubernetes security and compliance capabilities to support the DoD’s entire software enterprise as it accelerates migration towards DevSecOps and modernizes everything from the Air Force Portal to some of the most classified systems in the DoD. These capabilities include:

  • Vulnerability Management and Risk Profiling: StackRox works with CI/CD pipelines to prevent non-compliant builds and uses Kubernetes data to assess overall risk.
  • Network Segmentation: StackRox implements firewalling and segmentation via Kubernetes network policies.
  • Continuous Compliance: StackRox continuously checks against CIS Benchmarks for Docker and Kubernetes, NIST SPs 800-190 and 800-53, PCI, and HIPAA.
  • Configuration Management: StackRox automates ongoing checks to protect against misconfigurations in containers and Kubernetes.
  • Runtime Detection and Incident Response: StackRox automatically detects and prevents threats and streamlines incident response while minimizing alert fatigue.

“Enabling our warfighters with continuous innovation in software delivery, and ensuring those applications and data are secure, is essential to our readiness,” said Maj. Rob Slaughter, US Air Force. “We’ve architected our Platform One software factory as a hardened environment for rapid innovation based on containers and Kubernetes. Having StackRox secure that environment, leveraging its Kubernetes-native architecture, helps us deliver security across the application life cycle, from build to deploy to runtime.”