NEWS
NEWS
NEWS
Docker launches a cloud-based security service for analyzing container images
The number of container startups to have announced major funding or product updates in the past 24 hours jumped to four this morning after Docker Inc. launched a new paid security add-on for its code hosting service. Born from an internal effort dubbed Project Nautilus that was first revealed last year, the addition is designed to help users ensure their software is free of known vulnerabilities.
Docker Security Scanning approaches the task in a way similar to Clair, the open-source threat detector that rivaling container provider CoreOS Inc. released six months ago. It checks every submission to an organization’s code repository against the Department of Homeland Security’s public vulnerability database and notifies administrators when a match is found. From there, the service will periodically repeat the process to identify any new flaws that may be added to the index over time.
In both instances, potential exploits are evaluated at the binary level by algorithms that Docker says can identify every major component of a container from its operating system up to the application libraries on top. The piece-parts are then individually compared against trusted copies to determine their authenticity and whether they’ve been modified. This precaution eliminates the risk of hackers sneaking malware into a company’s development environment under the guise of a legitimate file name.
Yet the biggest advantage that the service possess over CoreOS’ Clair is arguably not its expansive feature set, but rather the popularity of Docker. For the numerous organizations that use the startup’s container engine and code hosting platform, buying a natively-integrated security addon is much more convenient than deploying a third party tool, even if the latter happens to be free. Docker plans on baking the extension into the on-premise version of its containerization platform for the same reason further down the line.
The integration should prove especially handy seeing how companies that run their code repositories and container clusters behind the firewall often place a stronger emphasis on privacy than most. Users can expect Docker to introduce many more threat mitigation features in the future as it works to fend off increased competition from CoreOS, which has made security a core tenant of its development roadmap.
Image via Pixabay
Since you’re here …
… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.
If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.
