apacciooutlook logo

Docker Unveils Security Scanning Platform for Safegaurding Containerized Applications

Friday, May 20, 2016

content-image

SAN FRANCISCO, CA: Docker –an open source platform for developers and system administrators to build, ship and run distributed applications– announces the security scanning feature that provides a security assessment of the software included in container images.

Previously known as Project Nautilus, Docker Security Scanning enables detailed image security profiles, continuous vulnerability monitoring and notifications for integrated content security across the entire software supply chain.

Docker Security Scanning provides binary level scanning. The scanning starts when a user pushes an image to a repository in Docker Cloud. The scanner service takes the image and separates it into its respective layers and components. Then the components are sent to the validation service to check against multiple CVE databases for package name and version.

Docker image scanning and vulnerability detection provides a container-optimized capability for granular auditing of images. The results are presented in a Bill of Materials (BOM) containing the details of the image layers and components, along with and the security profile of each component. This allows ISVs (Independent Software Vendors) and app teams to make informed decisions regarding that content based on their respective security policies. With this information, ISVs can actively fix vulnerabilities to maintain a high-quality security profile of their content that they can then transparently expose to their end users

New features for security scanning platform includes secure content, deep visibility with binary level scanning, proactive risk management and supply chain security.

Docker Security Scanning will be available as a limited time free trial for three months, where Docker cloud users will be able to scan their private repos for vulnerable image components. 

Leaders Speak

Andy Nallappan, VP & CIO,

The Industry Demands Quick Upgrade into Cloud

By Andy Nallappan, VP & CIO,

Global Information Technology, Avago Technologies

Steven Weinreb, CIO & EVP, Technology & Operations, Asia, MetLife

Embracing Advanced Tech-enabled Solutions that Foster Innovation and Growth

By Steven Weinreb, CIO & EVP, Technology & Operations, Asia, MetLife

Anil Khatri,

Trends that are on Every CIO's Watch-list

By Anil Khatri,

Head IT-South Asia,

SAP

James F. Hanauer, CTO, VP Engineering and Art Saisuphaluck, Solutions Architect, R&D Lead, CTSI-Global

Simplifying Infrastructure Management with Microsoft Solutions

By James F. Hanauer, CTO, VP Engineering and Art Saisuphaluck, Solutions Architect, R&D Lead, CTSI-Global

Mickey Bradford, VP-IT/CTO, Exchange; & Jay McCartin, VP-Logistic Operations,  Army & Air Force Exchange Service

Embracing Cloud Hosting Benefits

By Mickey Bradford, VP-IT/CTO, Exchange; & Jay McCartin, VP-Logistic Operations, Army & Air Force Exchange Service

Featured Vendors