Zürich, 11. Januar 2021 – Red Hat, der weltweit führende Anbieter von Open-Source-Lösungen, plant die Übernahme von StackRox, einem Spezialisten für Container- und Kubernetes-native Sicherheitslösungen. Dank der Integration von StackRox in Red Hat OpenShift steht Unternehmen eine ganzheitliche, offene Hybrid-Cloud-Plattform zur Verfügung, über die sie nahezu jede Anwendung sicher entwickeln, bereitstellen und betreiben können.
Die Akzeptanz von Containern und Kubernetes in Produktionsumgebungen nimmt kontinuierlich zu, trotzdem bleiben Herausforderungen bestehen. Laut dem Gartner-Bericht „Best Practices for Running Containers and Kubernetes in Production” haben viele Unternehmen Bedenken in Bezug auf Sicherheit, Überwachung, Datenmanagement und Vernetzung. Um diese Zweifel zu entkräften, benötigen sie Lösungen, die eine sichere Grundlage für unternehmenskritische Workloads schaffen.
Red Hat OpenShift verfolgt einen mehrschichtigen Ansatz zur Absicherung von Containern. Mit der Übernahme von StackRox baut Red Hat die nativen Kontrollen der Kubernetes-Plattform aus und verlagert die Sicherheit in die Container-Build- und CI/CD-Phase, um eine kohärente Lösung für mehr Security im gesamten IT-Stack und über den gesamten Lebenszyklus zur Verfügung zu stellen. Die StackRox-Software bietet Transparenz über alle Kubernetes-Cluster hinweg, indem sie Komponenten für Enforcement und Deep Data Collection direkt in die Kubernetes-Cluster-Infrastruktur implementiert, was den Zeit- und Arbeitsaufwand für die Implementierung von Sicherheit reduziert und die Analyse, Untersuchung und Wiederherstellung vereinfacht. Die Richtlinien-Engine von StackRox umfasst Hunderte von integrierten Kontrollen zur Durchsetzung von Best Practices für Security, Industriestandards wie CIS Benchmarks und NIST sowie die Konfigurationsverwaltung von Containern und Kubernetes. Neben Red Hat OpenShift wird StackRox weiterhin andere Kubernetes-Plattformen unterstützen, darunter Amazon Elastic Kubernetes Service (EKS), Microsoft Azure Kubernetes Service (AKS) und Google Kubernetes Engine (GKE). Gleichzeitig hilft StackRox, DevSecOps zu vereinfachen und Cloud-native Umgebungen intrinsisch sicherer zu machen, indem es sich direkt in Application Pipelines und die bestehenden Registry-, Image-Scanning- und CI/CD-Tools von Unternehmen integriert.
Gemäss dem Open-Source-Gedanken wird Red Hat die Technologie von StackRox nach der Übernahme als Open-Source-Lösung anbieten. Red Hat wird zudem die KubeLinter-Community sowie neue Communities unterstützen, während Red Hat daran arbeitet, die Angebote von StackRox als Open Source zu veröffentlichen.
Der Abschluss der Übernahme wird für das erste Quartal 2021 erwartet, vorbehaltlich der üblichen Genehmigungen.
Beste Grüsse
Jenni Kommunikation für Red Hat
Oliver Schneider
Südstrasse 85
8008 Zürich
Tel: 044 388 60 80
oliver.schneider@jeko.com
www.jeko.com
Die vollständige Pressemitteilung in englischer Sprache:
Red Hat to Acquire Kubernetes-Native Security Leader StackRox
With StackRox, Red Hat strengthens customers’ ability to build, deploy and run applications more securely across the open hybrid cloud
RALEIGH, N.C. – GITHUB UNIVERSE – January 7, 2021 – Red Hat, Inc., the world’s leading provider of open source solutions, today announced its intent to acquire StackRox, a leader and innovator in container and Kubernetes-native security. By bringing StackRox’s powerful Kubernetes-native security capabilities to Red Hat OpenShift, the industry’s leading enterprise Kubernetes platform, Red Hat will further its vision to deliver a single, holistic platform that enables users to build, deploy and securely run nearly any application across the entirety of the hybrid cloud.
Kubernetes, one of the fastest growing open source projects, is the foundation of cloud-native applications, which are core to the digital transformation that is occurring across industries. As container and Kubernetes adoption in production environments grows, challenges remain. According to Gartner, „Container usage for production deployments in enterprises is still constrained by concerns regarding security, monitoring, data management and networking.“ (1)
To help mitigate these concerns, organizations need solutions that lay a secure foundation for modern workloads.
Container security is Linux security. Red Hat has long been a leader in security for enterprise open source solutions, beginning with Red Hat Enterprise Linux and continually evolving to set new standards to secure cloud-native environments. Building on this foundation, OpenShift takes a layered approach to securing containers, integrating security throughout the container lifecycle, from building, to deploying to running containers in mission critical environments.
With this acquisition, Red Hat will further expand its security leadership, adding StackRox’s complementary capabilities to strengthen integrated security across its open hybrid cloud portfolio with greater simplicity and consistency. With StackRox, Red Hat will focus on transforming how cloud-native workloads are secured by expanding and refining Kubernetes’ native controls, as well as shifting security left into the container build and CI/CD phase, to provide a cohesive solution for enhanced security up and down the entire IT stack and throughout the lifecycle.
Founded in 2014, StackRox was created with a goal of reinventing enterprise security and has evolved over the past two years to focus on Kubernetes security. Unlike first generation container security platforms, which were often container-centric offerings, StackRox differentiates with a Kubernetes-native security platform. With this, organizations can more easily control and enforce policies, using the same declarative approach as Kubernetes to scale their applications while still maintaining the necessary security.
The StackRox software provides visibility across all Kubernetes clusters, by directly deploying components for enforcement and deep data collection into the Kubernetes cluster infrastructure, reducing the time and effort needed to implement security, and streamlining security analysis, investigation and remediation. The StackRox policy engine includes hundreds of built-in controls to enforce security best practices, industry standards such as CIS Benchmarks and NIST, and configuration management of both containers and Kubernetes, and runtime security.
In addition to Red Hat OpenShift, StackRox will continue to support multiple Kubernetes platforms, including Amazon Elastic Kubernetes Service (EKS), Microsoft Azure Kubernetes Service (AKS), and Google Kubernetes Engine (GKE).
StackRox also helps to simplify DevSecOps and enable cloud-native environments to be more intrinsically secure, by integrating directly into application pipelines and customers’ existing registry, image scanning and CI/CD tools. In October 2020, StackRox launched KubeLinter, an open source project that analyzes Kubernetes YAML files and Helm charts for correct configurations, with a focus on enabling production readiness and security earlier in the development process.
Consistent with Red Hat’s open source heritage, Red Hat plans to open source StackRox’s technology post acquisition. Red Hat will continue to support the KubeLinter community as well as new communities as Red Hat works to open source StackRox’s offerings.
The transaction is expected to close in the first quarter of 2021, subject to customary closing conditions.
(1) Gartner, Best Practices for Running Containers and Kubernetes in Production, 4 August 2020
Supporting Quotes
Paul Cormier, president and CEO, Red Hat
“Securing Kubernetes workloads and infrastructure cannot be done in a piecemeal manner; security must be an integrated part of every deployment, not an afterthought. Red Hat adds StackRox’s Kubernetes-native capabilities to OpenShift’s layered security approach, furthering our mission to bring product-ready open innovation to every organization across the open hybrid cloud across IT footprints.”
Kamal Shah, CEO, StackRox
„We’re thrilled to join forces with Red Hat, coupling the industry’s first Kubernetes-native security platform with the leading Kubernetes platform for hybrid cloud, multicloud, and edge deployments. This is a tremendous validation of our innovative approach to container and Kubernetes security. Red Hat is an ideal partner to accelerate our vision of enabling organizations to securely build, deploy and run their cloud-native applications anywhere.“
Connect with Red Hat
- Learn more about Red Hat
- Get more news in the Red Hat newsroom
- Read the Red Hat blog
- Follow Red Hat on Twitter
- Join Red Hat on Facebook
- Watch Red Hat videos on YouTube
- Follow Red Hat on LinkedIn
About Red Hat, Inc.
Red Hat is the world’s leading provider of enterprise open source software solutions, using a community-powered approach to deliver reliable and high-performing Linux, hybrid cloud, container, and Kubernetes technologies. Red Hat helps customers integrate new and existing IT applications, develop cloud-native applications, standardize on our industry-leading operating system, and automate, secure, and manage complex environments. Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500. As a strategic partner to cloud providers, system integrators, application vendors, customers, and open source communities, Red Hat can help organizations prepare for the digital future.
Forward-Looking Statements
Certain statements contained in this press release may constitute „forward-looking statements“ within the meaning of the Private Securities Litigation Reform Act of 1995. Forward-looking statements provide current expectations of future events based on certain assumptions and include any statement that does not directly relate to any historical or current fact. Actual results may differ materially from those indicated by such forward-looking statements. The forward-looking statements included in this press release represent the Company’s views as of the date of this press release and these views could change. However, while the Company or its parent International Business Machines Corporation (NYSE:IBM) may elect to update these forward-looking statements at some point in the future, the Company specifically disclaims any obligation to do so. These forward-looking statements should not be relied upon as representing the Company’s views as of any date subsequent to the date of this press release.
###
Red Hat, Red Hat Enterprise Linux and the Red Hat logo are trademarks or registered trademarks of Red Hat, Inc. or its subsidiaries in the U.S. and other countries. Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.
Posted on