Software Integrity Blog

Archive for the 'Container Security' Category

 

Container adoption by the numbers

As application development teams are pressured to deliver software faster than ever, containers offer clear advantages. Docker debuted to the public in 2013, and since then there have been over 29 billion Docker container downloads. Benefits of containerization 66% of organizations adopting containers experienced accelerated developer efficiency 75% of companies achieved an increase in application […]

Continue Reading...

Posted in Container Security, Infographic

 

What’s in your containers?, Spring Break vulnerability, cyber security in healthcare

Open Source Insight makes the transition to the Synopsys Software Integrity (SIG) blog this week, and you can find us here, as well as the latest posts from SIG technology evangelist Tim Mackey. This week’s edition looks at security for container images, cyber security in healthcare, how most data breaches occur, and a host of […]

Continue Reading...

Posted in Container Security, Data Breach, Healthcare Security, Open Source Security

 

Using containers? What’s hidden in your container images?

Do you know what’s in your containers? No, the question has nothing to do with those mystery containers in your fridge. But if you don’t know what’s in those lovely Docker containers which are all the rage, you could be in store for just as rude a surprise as discovering what might be hiding deep […]

Continue Reading...

Posted in Container Security

 

Achieving open source security in container environments

Today, open source components are at the heart of most modern applications, transforming how we architect solutions in every industry. Black Duck’s 2017 Open Source Security and Risk Analysis of over 1000 commercial applications revealed that 96% of applications scanned utilized open source. Meanwhile, more than 60% of those applications contained known security vulnerabilities in their open […]

Continue Reading...

Posted in Container Security, Open Source Security

 

Migrating to Docker on Black Duck

Before Black Duck began leveraging Docker, customers utilized the App Manager Install Method to deploy it. Black Duck now deploys as a set of containers, so customers need to install Docker to take advantage of updates to the application. By the end of this guide, you’ll have a basic understanding of how to migrate Black Duck to a containerized […]

Continue Reading...

Posted in Container Security, Open Source Security, Software Composition Analysis

 

An introduction to installing Black Duck

Black Duck Academy hosts a series of videos that help our customers deploy, manage, and use our products. To help our customers see value from Black Duck immediately after their purchase, this post supplements our video on installing the Hub. Think of this post as a quick way to get you started with the Dockerized […]

Continue Reading...

Posted in Agile, CI/CD & DevOps, Container Security

 

Container adoption today: Advantages and challenges

Organizations today work in a continuous delivery environment, requiring speed and agility in deployment and the ability to monitor applications once deployed. These requirements are accelerating the adoption of containers in the production environment. In October, DockerCon Europe revealed that 24 billion containers have been downloaded. Not surprisingly, there’s been a corresponding 77,000% growth in […]

Continue Reading...

Posted in Agile, CI/CD & DevOps, Container Security

 

8 takeaways from NIST’s application container security guide

Companies are leveraging containers on a massive scale to rapidly package and deliver software applications. But because it is difficult for organizations to see the components and dependencies in all their container images, the security risks associated with containerized software delivery has become a hot topic in DevOps. This puts the spotlight on Operations teams […]

Continue Reading...

Posted in Agile, CI/CD & DevOps, Container Security

 

Black Duck and Google Grafeas: Improving container visibility and security

Containers offer many advantages over monolithic applications, packaged as VMs. Most importantly, a container image is immutable, easily built and deployed without reliance on permanent infrastructure. Nevertheless, containers are a challenge to IT operations teams, who need full visibility and control of their software supply chain to implement security and governance policies. To address this […]

Continue Reading...

Posted in Agile, CI/CD & DevOps, Container Security, Open Source Security

 

Improving stability, installs, and updates with Docker

We heard our customers loud and clear. Our old AppManager product on which we ran the Hub on wasn’t working for you. That’s why we re-platformed our Black Duck Hub solution on the Docker platform. There are a lot of positive things to say about our Dockerized app, including scalability, high availability and a lot […]

Continue Reading...

Posted in Container Security, Open Source Security, Software Composition Analysis