StackRox has won a contract for the Small Business Innovation Research (SBIR) Phase II programme to deliver a security platform for the US Air Force (USAF) AFWERX and US Department of Defense (DoD).
Under the contract, the firm will deploy StackRox Kubernetes Security Platform to secure software containers and Kubernetes applications.
The SBIR programme supports the engagement of domestic businesses in federal research/research and development (R/R&D) efforts.
Under the latest contract for Phase II, StackRox will build on the work that was completed in Phase I of the project.
It will support DevOps and DevSecOps initiatives for software factories across the USAF and DoD, as well as the DoD’s Platform One DevSecOps Enterprise Services team.
Using the StackRox Kubernetes Security Platform, Platform One will enhance troops’ ability to create and deploy software applications in a way that is not just secure, but also flexible and interoperable.
US Air Force Major Rob Slaughter said: “Enabling our warfighters with continuous innovation in software delivery, and ensuring those applications and data are secure, is essential to our readiness.
“We’ve architected our Platform One software factory as a hardened environment for rapid innovation based on containers and Kubernetes.
“Having StackRox secure that environment, leveraging its Kubernetes-native architecture, helps us deliver security across the application lifecycle, from build to deploy to runtime.”
Delivery of the Kubernetes security and compliance capabilities by StackRox through the SBIR award will support the DoD’s software enterprise as the latter speeds up migration towards DevSecOps and modernises right from the US Air Force Portal to classified systems.
StackRox will be responsible for vulnerability management and risk profiling, network segmentation, continuous compliance, configuration management and runtime detection and incident response.
StackRox federal business director Branden Wood said: “There is an urgent need to secure software containers and Kubernetes using automated and portable processes so that software factories within the DoD, like Platform One, can adopt development practices that substantially decrease the time needed to create and deploy secure software applications.
“StackRox is honoured to participate in the mission-critical work of software developers in the USAF and DoD as we work together to achieve more secure and performant applications, infrastructure, and processes.”
StackRox’s Kubernetes security capabilities have been deployed by several federal agencies.
StackRox Kubernetes Security Platform is claimed to be the first security platform to have been certified by the Department of Homeland Security (DHS) for its use in Continuous Diagnostics and Mitigation (CDM) programme.