Aqua Security, a startup for container security, indicates that its open source tool Trivy for scanning container images for vulnerabilities is now suitable for multiple container platforms. New additions include the Mirantis Docker Enterprise Platform and Harbor.
With the rise of containers, the security of these platforms is also increasing rapidly. The startup will deliver a paid Cloud Native Security Platform for software containers. With this platform, developers can easily automate and improve container security and compliance. This gives, among other things, detailed control over container and serverless security and supports both Docker and Windows containers. Another important feature of the platform is that it can be installed on-premise.
Part of this platform is the open source scanner Trivy. This open-source tool for scanning container images has proven to be very popular and has received a lot of attention on GitHub. This is mainly because Trivy can scan both operating systems and the underlying code for vulnerabilities. This makes it easier for developers to integrate these scanning processes into existing software development processes.
Support for multiple platforms
The free open-source tool now supports multiple container platforms. The most important one is probably that of Docker. Container specialist Mirantis, who acquired Docker last year, indicates that the scanner will be integrated with its trusted registry running on Docker.
In addition, Trivy will also become the default image scanner for the latest version of the Harbor platform. The tool should ensure that container images are secured by role-based access tools and then scan all images for vulnerabilities. Once these processes are complete, the images can be labelled as secure.
Container security specialist Aqua Security indicates that it is busy developing multiple security tools for cloud-native platforms. For example, the company is working on the Cube-Bench tool that should help developers assess whether cluster orchestration software is properly configured. It has also developed the tool Cube Hunter; a tool that investigates container clusters for vulnerabilities.