By Selvam Thangaraj The powerful capabilities enabled by OpenShift Image Streams is a welcome addition to the Red Hat OpenShift container platform. As more enterprises begin moving container workloads into production, the requirement to automate both the application management as well as the security tasks in their CI/CD pipeline becomes more critical. OpenShift Image Streams… Read more »
Docker Security
Delivering Shift-Left Security with NeuVector and JFrog Xray
Bringing Kubernetes app security insights to developers By Henrik Rosendahl & Craig Peters Kubernetes, the container and orchestration tool favored by enterprises, provides great benefit in automating many aspects of application deployment at scale. But, like any emerging technology, there are perils as well. Administrators are learning that deployments of these new cloud architectures can… Read more »
Docker Security
Automating Image Scanning with Jenkins
By Xiaofeng Sun Containers provide an easy and efficient way to deploy applications. But container images may contain open source code over which you don’t have a full control. Many vulnerabilities in open source projects have been reported, and you may decide to use these libraries with vulnerabilities or not after scanning the images and… Read more »
Container Security
Backdoor Found in Open Source SSH package
A serious backdoor vulnerability in a popular software package was recently reported. It was found in the ssh-decorator Python package. In this open source library, a log function was sending clear text IP addresses, login names and passwords to an external site: “ssh-decorate.cf/index.php.” This immediately became one of the hottest topics about which thousands of… Read more »
Cloud Security
Achieving Open Source Security in Container Environments
By Tim Mackey, Technology Evangelist , Black Duck by Synopsys This is a guest post from NeuVector partner Black Duck Software. Today, open source components are at the heart of most modern applications, transforming how we architect solutions in every industry. Black Duck’s 2017 Open Source Security and Risk Analysis of over 1000 commercial applications revealed that… Read more »
Recent Posts
Container Security Monitoring with Prometheus and Grafana
NeuVector Announces New Run-time Container Security Capabilities for AWS Cloud with Integrations for AWS EKS, AWS ECS and AWS App Mesh
How to Mitigate the SACK Panic DDoS Attack
figo Converts to Container Infrastructure for Speed, Efficiency and Scalability
Alpine Linux Docker Image Vulnerability CVE-2019-5021