Red Hat has fully migrated its Advanced Cluster Security tool for Kubernetes to open source and named it the StackRox project in recognition of the platform's origins, according to SDxCentral
The move marks the culmination of steps that began with Red Hat's 2021 purchase of Kubernetes security startup StackRox, whose technology the company used for its OpenShift Platform Plus project and was the basis for the Advanced Cluster Security for Kubernetes product. Red Hat followed that up with the introduction of the StackRox community and finally launched the product to open source, allowing users and developers to participate in its codebase development and testing through GitHub.The project will help "DevSecOps by integrating security capabilities within the development and deployment lifecycle," Red Hat said.
Michael Foster, Red Hat's principal product marketing manager and a former StackRox participant, said the move comes as more security vendors are pushing to strengthen DevSecOps teams in light of the recent Log4j and Log4Shell breaches
. The speed in which security teams fixed those exploits made a strong argument for the open source model, Foster added.