TMCnet News

Cavirin Announces Continuous Security Assessment for Docker
[April 11, 2017]

Cavirin Announces Continuous Security Assessment for Docker


Cavirin Systems, Inc. announced today support for Docker, addressing security concerns across the container development and deployment lifecycle with capabilities such as image scanning and container hardening, both on-premises and in the cloud. The company will demonstrate these capabilities at booth E4 at DockerCon, taking place in Austin, Texas, April 17-20, 2017.

Image scanning looks at all things within the actual Docker image, including security baselines and whether the system is patched, and can play an important role in the CI/CD pipeline. This capability is critical, since about a third of all container images found in public or even private registries have some serious vulnerabilities when compared against reputable, national vulnerability databases.

"By announcing additional capabilities for Docker security, Cavirin shows its ongoing efforts to support the evolving cloud environment," said Izak Mutlu, Cavirin security advisory board member and former Salesforce CISO. "Providing the visibility and control required across the Docker development and deployment lifecycle arms enterprises with the assurances required to migrate critical workloads onto containers."

"Cavirin is helping its customers run Docker-based applications in a safe and secure way," said Dr. Rao Papolu, CEO of Cavirin. "Our agentless analysis supports discovery and hardening of the full containerized infastructure stack, to include the Docker engine host, any virtualization, and the containers. It also includes the CIS Docker benchmark, as well as industry standards such as HIPAA, PCI (News - Alert), SOC2 and NIST."



Cavirin also supports Kubernetes deployments, ensuring the security of the container orchestration layer, and has played a leadership role in the security benchmark development. Cavirin's Director of Information Security and Compliance Engineering Pravin Goyal authored the CIS Docker 1.13 Benchmark and is also leading the group community developing the CIS Security Benchmark for Kubernetes 1.6.

How to Contribute to Kubernetes Benchmark Development


Contributing to the CIS Security Benchmark for Kubernetes is easy. Just visit https://cavirin.com/kubernetes.html and sign up for the community.

About Cavirin

Cavirin reduces the change of breech for organizations by providing continuous security assessment and remediation across physical, public, and hybrid cloud workloads for AWS, Microsoft Azure, Google (News - Alert) Cloud Platform, VMware, KVM, and Docker. The company's cloud-agnostic solution offers continuous visibility, is agentless and API-driven, and scales to the largest physical and virtual infrastructures. For regulated industries, Cavirin offers up-to-the-minute compliance assessments, supplying audit-ready evidence as measured by every major regulatory and security best practice framework including CIS, DISA, PCI and HIPAA. For more information, visit www.cavirin.com or follow us at www.twitter.com/cavirin.


[ Back To TMCnet.com's Homepage ]