Synopsys and Red Hat

Securing open source at enterprise scale

Native container security for the enterprise with Red Hat and Black Duck by Synopsys

Build and deploy containers and applications securely and at scale.

You use containers to rapidly build, deploy, and scale applications. But as your container cluster grows, validating the contents and security of container images becomes more painful. You need solutions that will scale with your container deployment. By integrating Black Duck with Red Hat’s enterprise container management products, you can automatically scan and monitor all your container images to gain visibility into, and control over, any security vulnerabilities or policy violations found in your open source code.

 

Request a demo

Secure apps deployed in Red Hat OpenShift Container Platform

Synopsys has partnered with Red Hat to establish a scalable and secure method for containerized application delivery. Black Duck for OpenShift Container Platform provides proactive monitoring of all container images in an OpenShift cluster to give teams visibility into, and control over, the risks associated with open source components in container images.

Black Duck performs deep container inspection to automatically discover images as they are created, inventory all open source components, and identify and monitor open source security, quality, and compliance risks at any phase of container construction. This automated scanning and monitoring of containerized applications delivered in the Red Hat OpenShift Container Platform helps teams manage container security efficiently and at scale. 

 

Request a demo

Enterprise-ready container and application security

Automatic image discovery

Automatic image discovery

Automatically discover all images in OpenShift as they are created or updated and scan anything that has changed in your cluster.

Comprehensive container security

Comprehensive container security

Perform deep container inspection on both operating system and application layers to identify open source security vulnerabilities.

Manage container life cycles

Manage container life cycles

Use annotations of vulnerability and policy information sent to OpenShift to gate the instantiation of containers in your cluster.

Vuln knowledge

Vuln knowledge

Identify known vulnerabilities for the open source in your apps and containers. Find out which ones have patches, and get remediation guidance for those that don’t.

Enforceable policies

Enforceable policies

Set policies for open source projects, license types, and vulnerability tolerance. Quickly identify policy violations and manage exceptions by project and component.

Ongoing monitoring

Ongoing monitoring

Monitor your open source code, and receive alerts on newly reported open source vulnerabilities associated with the open source you currently have in use.