"Container security is Linux security," asserted Red Hat, explaining that StackRox's capabilities are complementary to its own, and will help improve the security of cloud-native workloads by expanding and refining Kubernetes' native controls, and by shifting security into the container build and CI/CD phase.
StackRox's approach is Kubernetes-native rather than container focussed, officials said, and that makes it easier to control and enforce policies across all Kubernetes clusters.
The StackRox policy engine includes hundreds of built-in controls to enforce security best practices, industry standards such as CIS Benchmarks and NIST, and configuration management of both containers and Kubernetes, and runtime security.
StackRox will continue to support multiple Kubernetes platforms, including Amazon Elastic Kubernetes Service (EKS), Microsoft Azure Kubernetes Service (AKS), and Google Kubernetes Engine (GKE) as well as RedHat OpenShift.
Red Hat plans to open source StackRox's technology following the proposed acquisition.
"Securing Kubernetes workloads and infrastructure cannot be done in a piecemeal manner; security must be an integrated part of every deployment, not an afterthought. Red Hat adds StackRox's Kubernetes-native capabilities to OpenShift's layered security approach, furthering our mission to bring product-ready open innovation to every organisation across the open hybrid cloud across IT footprints," said Red Hat president and CEO Paul Cormier.
StackRox CEO Kamal Shah said "We're thrilled to join forces with Red Hat, coupling the industry's first Kubernetes-native security platform with the leading Kubernetes platform for hybrid cloud, multi-cloud, and edge deployments. This is a tremendous validation of our innovative approach to container and Kubernetes security. Red Hat is an ideal partner to accelerate our vision of enabling organisations to securely build, deploy and run their cloud-native applications anywhere."
The transaction is expected to close in the first quarter of 2021, subject to customary closing conditions. Terms were not disclosed.