Stackrox Acquisition: The Race to Secure Containers
Today, Red Hat announced its intent to acquire Stackrox. This is a very exciting development in the world of cloud-native security! First and foremost, congratulations to Stackrox, an early participant in the container security space. This acquisition is a great outcome for Stackrox given their nascent scale and on-premises offering. It also validates the massive opportunity unfolding in the security world as Red Hat realizes security and compliance are major barriers to cloud-native adoption and the importance of security for successful container platform deployments. However, while Stackrox will provide Red Hat a security solution that works for OpenShift, over time customers may be faced with a choice between an embedded, uniplatform approach versus a broader multi-cloud, open security approach. We, of course, believe that the future of security is open, multi-cloud, and SaaS. There are a few other key takeaways from the Stackrox news: The Red Hat Stackrox relationship, and the earlier acquisition of Twistlock by Palo Alto Networks and of Octarine by VMWare, underscore a couple of key takeaways:
- Container and Kubernetes security require a ground-up design and retrofitting existing security tools simply doesn’t work.
- Large companies will pay a large multiple once it is clear a market will yield huge revenue growth. The container security market is taking off like a rocket.
1. Container security starts with solving the visibility challenge
There is no security without visibility. Containers are black boxes, dynamic, and short-lived, which blocks visibility and makes traditional security tools ineffective. Cloud security teams need tools that provide granular visibility with service-level context, integrated across their DevOps workflow. This visibility needs to extend beyond image scanning and runtime detection and include detailed activity records for forensic investigations.2. The future of security is open
Open source is everywhere. The CI/CD tool chain is predominantly open source and Kubernetes is the clear standard for container orchestration. The benefits of open source are particularly relevant for security.- Open source innovates faster.
- Open source standardization provides consistency you can count on.
- Adhering to open standards protects an organization’s investment.