Collaboration between StackRox and DHS S&T Enables Financial Services Sector to Protect Critical Cloud-Native Applications
StackRox, the leader in container and Kubernetes security, announced that it was awarded a Phase III contract by the Department of Homeland Security (DHS) Science and Technology Directorate (S&T)’s Silicon Valley Innovation Program (SVIP) to protect mission-critical, cloud-native applications for financial institutions. Through the Next Generation Cyber Infrastructure (NGCI) program, StackRox is delivering container and Kubernetes security for a large U.S. financial services company.
Read More: Banks Are Experiencing a Kodak Moment: Lessons Learned from a Fallen Giant
In 2018, StackRox was awarded a Phase II SVIP contract by DHS to advance container threat information sharing among financial institutions to prevent an attack from hitting multiple organizations. With this Phase III award, the financial services company is leveraging the StackRox Kubernetes Security Platform to defend its cloud-native infrastructure from vulnerabilities and misconfigurations while ensuring compliance and detecting and stopping runtime threats. By completing this phase of the program, StackRox will enable additional financial service institutions and other NGCI stakeholders to leverage StackRox to operationalize container and Kubernetes security at scale. Having delivered the industry’s only Kubernetes-native platform, StackRox delivers better security, reduced operational risk, and lower operational costs.
Read More: GlobalFintechSeries Interview with Michael Higgins, Chief Executive Officer at Velox Clearing
The Department of Homeland Security is investing heavily in safeguarding critical infrastructure that relies on cloud-native technology, particularly in the financial sector where the stakes are especially high. DHS and StackRox are working together to help DHS stakeholders stay ahead of the evolving threat landscape, with StackRox delivering capabilities that detect, defend, protect, restore and respond to sophisticated and targeted cyber-threats. In Phase III, StackRox is focused on securing the containerized applications of the financial sector partner throughout the application life cycle – build, deploy and runtime – across several key use cases, including:
- Visibility into cloud-native applications, including all images, container registries, Kubernetes deployment configurations, container runtime behavior, and more.
- Vulnerability Management to identify vulnerabilities in images, containers, Kubernetes, and running deployments and prevent non-compliant builds.
- Configuration Management to identify misconfigurations across images, containers, clusters, Kubernetes, and network policies, to prevent accidental misconfigurations that put application performance and security at risk.
- Threat Detection combining rules, whitelists, baselines, and behavioral modeling to identify threats at runtime in your container environments.
- Incident Response taking automated actions such as killing and restarting pods via Kubernetes to shut down attacks.
- Regulatory Compliance providing continuous and on-demand checks on controls to meet CIS Benchmarks, NIST 800-190 and 800-53, SOC 2, PCI, and HIPAA.
Read More: GlobalFintechSeries Interview with Chuck Klein, Chief Executive Officer & Founder at IMM
