Docker has announced that Project Nautilus, the company’s ongoing effort to safeguard container content, is now generally available as Docker Security Scanning.
Developers largely want to deliver the best software with the highest quality as fast as possible, but when developing software involves sharing code across team members and environments, they need a tool that can ensure the software they develop is secure, according to the company. Docker Security Scanning is designed to provide developers with a security assessment of their software within container images.
“Docker Security Scanning delivers secure content by providing deep insights into Docker images along with a security profile of its components. This information is then available at every stage of the app life cycle,” wrote Docker engineers Toli Kuznets, Lily Guo and Nandhini Santhanam, in a blog post.
In addition to promoting security, the solution also aims to improve container content’s integrity by ensuring it complies with software standards. According to the company, development teams previously only had access to the information published by ISVs, and would have to manually keep track of the Common Vulnerabilities and Exposures (CVE) database. With Docker Security Scanning, users can automate the process and get notifications on any issues. “When a new vulnerability is reported to a central CVE database, Docker Security Scanning checks our service database to see which images and tags contain that affected package and notifies the repo admin via e-mail,” the engineers wrote.
Docker Security Scanning will scan a user’s software any time it’s changed and shipped. It features binary-level scanning, detailed security profiles for each Docker image, continuous vulnerability monitoring, notifications, information on how teams can ensure the software meets security compliance standards, and support for major Linux distributions and Windows Server, languages and binaries. “The ability to scan an image provides insight at a given point in time. Docker Security Scanning goes a step further to make sure your images stay safe with ongoing monitoring and notifications,” the engineers wrote.