Software Integrity Blog

Archive for the 'Container Security' Category

 

Announcing Black Duck OpsSight 2.2—Container security at scale 

With containers, we’ve changed the way we deploy applications. Now it’s time to change the way we secure them, with container scanning tools for open source.

Continue Reading...

Posted in Container Security, Open Source Security | Comments Off on Announcing Black Duck OpsSight 2.2—Container security at scale 

 

How to think about container security

Are you thinking about container security? Traditional application security isn’t meant for container deployments. Learn strategies for securing your containers.

Continue Reading...

Posted in Container Security | Comments Off on How to think about container security

 

[Webinar] Secure your containers with GitHub and Synopsys

In our on-demand webinar with Bryan Cross (GitHub) and Dave Meurer (Synopsys), you’ll learn how to use integrated application security tools to secure containers at every layer.

Continue Reading...

Posted in Container Security, Open Source Security, Webinars | Comments Off on [Webinar] Secure your containers with GitHub and Synopsys

 

Securing containers at scale

Open source is the foundation of most modern applications. However, left untracked, open source can put containerized applications at risk of known vulnerabilities such as Heartbleed and CVE-2017-5638 found in Apache Struts.

Continue Reading...

Posted in Container Security, Open Source Security, Software Composition Analysis (SCA) | Comments Off on Securing containers at scale

 

Announcing OpsSight Container Security 2.0 GA

Containers have restructured the way we think about our infrastructure, bringing development and operations teams closer together than ever before, and placing applications center stage in the infrastructure environment.

Continue Reading...

Posted in Container Security, Open Source Security | Comments Off on Announcing OpsSight Container Security 2.0 GA

 

8 takeaways from NIST’s Application Container Security Guide

Companies are leveraging containers on a massive scale to rapidly package and deliver software applications. But because it is difficult for organizations to see the components and dependencies in all their container images, container security risks associated with containerized delivery has become a hot topic in DevOps. This puts the spotlight on operations teams to find security vulnerabilities in the production environment.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Container Security, Open Source Security | Comments Off on 8 takeaways from NIST’s Application Container Security Guide

 

Container adoption by the numbers

As application development teams are pressured to deliver software faster than ever, containers offer clear advantages. Docker debuted to the public in 2013, and since then there have been over 29 billion Docker container downloads. Benefits of containerization

Continue Reading...

Posted in Container Security | Comments Off on Container adoption by the numbers

 

Using containers? What’s hidden in your container images?

Do you know what’s in your containers? No, the question has nothing to do with those mystery containers in your fridge. But if you don’t know what’s in those lovely Docker containers which are all the rage, you could be in store for just as rude a surprise as discovering what might be hiding deep in your fridge.

Continue Reading...

Posted in Container Security | Comments Off on Using containers? What’s hidden in your container images?

 

Migrating to Docker on Black Duck

Before Black Duck began leveraging Docker, customers utilized the App Manager Install Method to deploy it. Black Duck now deploys as a set of containers, so customers need to install Docker to take advantage of updates to the application. By the end of this guide, you’ll have a basic understanding of how to migrate Black Duck to a containerized environment, as well as the benefits of using containers.

Continue Reading...

Posted in Container Security, Open Source Security, Software Composition Analysis (SCA) | Comments Off on Migrating to Docker on Black Duck

 

An introduction to installing Black Duck

Get started with the Dockerized Black Duck installation. This post outlines workplace specifications, tools, and steps you’ll take to deploy Black Duck.

Continue Reading...

Posted in Agile, CI/CD & DevOps, Container Security | Comments Off on An introduction to installing Black Duck