The StackRox Kubernetes Security Platform version 2.4.21 includes several new features and enhancements. To upgrade to this release from a previous version, see the Upgrade StackRox section.
The StackRox Kubernetes Security Platform enforces licensing restrictions in version 2.4.20 and higher.
Contact your sales representative or StackRox support if you don’t have a license.
Gain more visibility and control over the processes running in your deployments. From the Risk view, you can now see and address abnormal process executions. You can also define a set of processes that are allowed to run and trigger violations for all other processes. See the use process baselining page for more details.
You can now set a custom certificate on the Central server, so users and API clients don’t have to bypass certificate security warnings.
You can now change the StackRox portal to use a darker color scheme. To toggle between the dark mode and the light mode (default), select the Sun or the Moon icon in the upper right corner.
You can now choose to collect runtime activity on Red Hat Enterprise Linux using an Extended Berkeley Packet Filter (eBPF) program instead of a kernel module. To use eBPF in a cluster, select the eBPF option when you configure a Kubernetes or OpenShift cluster in the Platform Configuration > Integrations view.
You can now add policies that check whether host-mount or other volumes are writable so that you can prioritize writable volumes over read-only volumes. To get started, navigate to Platform Configuration > System Policies.
- ROX-2157: Previously, the API reference showed field names with the wrong
capitalization. The API reference documentation now uses the correct
- ROX-1840: In the Role-Based Access Control (RBAC) configuration view, there was a mismatch between the listed permissions and the initially defined permissions. The view now shows the correct set of permissions defined for a role.
- ROX-2389: Previously, StackRox Central could crash while sending a violation to Splunk if an invalid image name was used in the affected deployment. Version 126.96.36.199 resolves this issue.
We're happy to help! Reach out to us to discuss questions, issues, or feature requests.