SUBSCRIBE TO TMCnet
TMCnet - World's Largest Communications and Technology Community

TMC NEWS

TMCNET eNEWSLETTER SIGNUP

Aqua Security Extends Container Image Vulnerability Scanner With Jenkins Plug-In
[June 13, 2018]

Aqua Security Extends Container Image Vulnerability Scanner With Jenkins Plug-In


BOSTON, June 13, 2018 /PRNewswire/ -- Aqua Security, the market-leading platform provider for securing container-based and cloud-native applications, today announced at DockerCon a native Jenkins plug-in for Aqua MicroScanner, the company's free-to-use vulnerability scanner for Docker container images. The plug-in allows developers to automate vulnerability scanning as part of their build process, even before Docker images are built, stored, and shared.

"As developers continue to discover the benefits of using containers, and new members are joining the community every day, the need to provide easy, automated security scanning increases," said Liz Rice, technology evangelist at Aqua. "Since we launched MicroScanner earlier this year, the number one request was for easier automation - which we're now providing with the native Jenkins plug-in."

By building applications based on existing open-source code, developers accelerate the pace of innovation and improve efficiency. However, this 3rd party code introduces potential risks and vulnerabilities, which is why scanning Docker images is highly recommended, and should be performed as much as possible as part of the automated image build processes.

Aqua MicroScanner works by embedding an executable and a step in the Dockerfile, which triggers a scan during the image build. This generates a report of the vulnerabilities found and suggested remediations. Optionally, the developer can choose to automatically fail a build wen high severity vulnerabilities are found. This way, images that include vulnerable code are never built, allowing developers to "fail fast" and fix issues before images are stored in registries and deployed in production.



Aqua MicroScanner checks OS packages in Docker images for known vulnerabilities based on multiple aggregated sources, including NVD, vendor security advisories, and information from software developers themselves. In addition, the Aqua Security Research Team further compares and resolves the results to keep track of any updates or differences, and to eliminate false positives.

For additional information and to get the Aqua MicroScanner and plug-in for Jenkins:


About Aqua Security
Aqua Security enables enterprises to secure their container and cloud-native applications from development to production, accelerating application deployment and bridging the gap between DevOps and IT security. Aqua's Container Security Platform provides full visibility into container activity, allowing organizations to detect and prevent suspicious activity and attacks in real time. Integrated with container lifecycle and orchestration tools, the Aqua platform provides transparent, automated security while helping to enforce policy and simplify regulatory compliance. Aqua was founded in 2015 and is backed by Lightspeed Venture Partners, Microsoft Ventures, TLV Partners, and IT security leaders, and is based in Israel and Boston, MA.  For more information, visit www.aquasec.com or follow us on twitter.com/AquaSecTeam.

Press inquiries:
Rachel Kaseroff
RJK Communications
Rachel@rjkcommunications.net
+1 (415) 341-5625

Cision View original content:http://www.prnewswire.com/news-releases/aqua-security-extends-container-image-vulnerability-scanner-with-jenkins-plug-in-300665086.html

SOURCE Aqua Security


[ Back To TMCnet.com's Homepage ]







Technology Marketing Corporation

35 Nutmeg Drive Suite 340, Trumbull, Connecticut 06611 USA
Ph: 800-243-6002, 203-852-6800
Fx: 203-866-3326

General comments: tmc@tmcnet.com.
Comments about this site: webmaster@tmcnet.com.

STAY CURRENT YOUR WAY

© 2018 Technology Marketing Corporation. All rights reserved | Privacy Policy