What is Red Hat Advanced Cluster Security for Kubernetes?

Red Hat® Advanced Cluster Security for Kubernetes is an enterprise-ready, Kubernetes-native container security solution that enables you to more securely build, deploy, and run cloud-native applications.

Migrating from StackRox? 

StackRox to Red Hat Best Practices
Migrate from StackRox.io to registry.redhat.io to access images
try it

Top Resources

Product Documentation
Release Notes
Support Policy
Data sheet
Red Hat ACS on redhat.com
Operator information

Product Policies and Support Programs

Life Cycle Policies

Red Hat offers support and maintenance over stated time periods for the major versions of Red Hat Advanced Cluster Security for Kubernetes.
Life-Cycle and Subscription Services

Support Program & Policies

Features

Installation

Use the Operator, Helm chart, or YAML files to install into a Red Hat OpenShift cluster, and get application and cluster security information in less than 15 minutes. 

Compliance

Assess compliance across hundreds of controls for CIS Benchmarks, Payment Card Industry (PCI), Health Insurance Portability and Accountability Act (HIPPA), and NIST SP 800-190. View at-a-glance dashboards of overall compliance across each standard's controls with evidence export to meet auditor needs.

Runtime detection and response

Monitor system-level events with containers to detect anomalous activity indicative of a threat with automated response using Kubernetes-native controls. Baseline process activity in containers to automatically allowlist processes. Use pre-built policies to detect crypto mining, privilege escalation, and various exploits. 

Network segmentation

Visualize allowed vs. active traffic between namespaces, deployments, and pods, including external exposures. Simulate network policy changes before they are implemented to minimize operational risk to the environment, and create baselines determined by the network activity in your cluster. 

Vulnerability management

Scan images for known vulnerabilities based on specific languages, packages, and image layers at every stage of your application lifecycle. Correlate vulnerabilities to images and running deployments to get a greater impact assessment. Enforce policies based on vulnerability details at these milestones:

  • At build time using continuous integration/continuous delivery (CI/CD) integrations
  • At deploy time using dynamic admission controls
  • At runtime using native Kubernetes controls.

Integrations

Use a rich application programming interface (API) and pre-built plugins to integrate with DevOps systems, including CI/CD tools, image scanners, registries, container runtimes, security integration event management (SIEM) solutions, and notification tools. 

How can we help you?

Support Cases

Get answers quickly by opening a support case with us.

View Open Cases

Open New Case

Live Chat

Directly access our support engineers during weekday business hours.

Learn more

Call or Email

Speak directly with a Red Hat support expert by phone or through email.

Contact Us