Open source is the foundation of most modern applications. However, left untracked, open source can expose containerized applications to known vulnerabilities such as Heartbleed and CVE-2017-5638 in Apache Struts.
Tracking open source can be difficult in containerized production environments, which pose new challenges to application security. Organizations need visibility into the open source risks at every layer of their container images, including operating systems, their dependencies, additional libraries, and the application layers. The massive, dynamic container deployments in modern production environments only make getting this visibility more challenging.
Black Duck gives you visibility into, and control over, the open source components in your container images. Because it automatically detects and scans images, your container security strategy can scale to your entire container cluster. With Black Duck OpsSight, you can proactively monitor the open source risks in your containerized applications in four steps:
Container security strategies should account for the scale and complexity of modern container deployments. For this reason, manually tracking open source components in large, dynamic container clusters is unrealistic. Simplify and accelerate open source risk management with automated, policy-driven control over open source security vulnerabilities.
With Black Duck OpsSight, you get automated visibility into the open source software in your containers and the security risks each component represents. You also learn about any new risks posed by the open source software in your containers, as well as how to mitigate them.