Tripwire Launches Docker Container Vulnerability Scanning
August 08, 2017

Tripwire announced that Tripwire IP360 now scans for vulnerabilities on non-running Docker containers.

This expansion builds upon Tripwire’s existing ability to scan running containers, making Tripwire IP360 truly integrated with advanced container scanning capabilities. This release provides security teams with visibility into DevOps processes.

Tripwire IP360 now allows customers to scan online, offline and non-running containers for vulnerabilities, giving them an enhanced overall view and lowering the chance that vulnerabilities will slip through the cracks during the development stage and into production. This new feature offers stronger security for DevOps processes, whether on-premise or in the cloud.

“Containers, which are lightweight self-contained virtual images designed to execute specific tasks or applications repeatedly and reliably, are often switched from non-running to running and vice versa as they are needed. It’s important to scan containers for vulnerabilities no matter what state they are in and to do so regularly because they can be updated often, even in production,” said Lamar Bailey, Senior Director of Engineering at Tripwire. “Tripwire IP360 now makes it possible to quickly and reliably scan all Docker containers, whether running or not, which is necessary to reduce the risk of a security breach.”

DevOps teams’ increasing use of containers to accelerate software development and deployment has added complexity for security teams.

Bailey added: “Enterprise IT security executives are responsible for actively and continuously reducing security risk to their businesses, which means assessing all of the components on their networks for vulnerabilities. Containers are no exception, so it’s important to have thorough vulnerability assessment tools for these as well.”

The Latest

October 19, 2017

In light of the recent Equifax breach, Gene Kim and speakers from the upcoming DevOps Enterprise Summit San Francisco (DOES17) dissected the situation and discussed the technical leadership lessons learned while offering their own expert advice for handling crisis situations. The following are more highlights from the discussion ...

October 18, 2017

In light of the recent Equifax breach, Gene Kim and speakers from the upcoming DevOps Enterprise Summit San Francisco (DOES17) dissected the situation and discussed the technical leadership lessons learned while offering their own expert advice for handling crisis situations ...

October 16, 2017

A survey of more than 750 development team leaders in the US and UK, revealed that 68 percent plan to build more apps during the next 12 months. At the same time as reporting increased volumes of development, 91 percent of developers surveyed agree that user expectations for innovation and quality have increased, but app deliveries continue to fail ...

October 12, 2017

Today, organizations must digitally evolve or they risk becoming irrelevant. One area that’s been growing in adoption is a shift to developing and deploying modern applications in the cloud, which requires software and IT architects to rethink how to architect and manage these apps ...

October 10, 2017

Designing and deploying complete software-defined data centers (SDDCs) can be complicated because each implementation requires a broad range of infrastructure to support heavy demands for compute, networking, storage, applications and security ...

October 05, 2017

According to LogiGear's State of Software Testing Survey, almost one-third of the respondents are experiencing classic test automation issues. One problem commonly cited among respondents was that management didn’t fully understand what it takes to have a successful automation program ...

October 04, 2017

Load balancing at the DNS (Domain Name System) level has been around for a few decades now, but it didn't become crucial until recently as technology is moving to the cloud. DNS is the perfect solution for managing cloud systems ...

October 02, 2017

QualiTest recently compiled a data report analyzing software testers globally. The report details the Quality Assurance and Software Testing job market, one of the fastest growing job markets and a bellwether of tech employment due to QA's involved in nearly every conceivable industry ...

September 28, 2017

API use is exploding among developers, as APIs are an essential part of software development for the web, IoT, mobile and AI applications. APIs allow a developer to create programs or apps that can successfully request services or data from other applications or operating system. This connectivity, though powerful, is complex, and that complexity grows with new apps, new hardware such as the new iPhone and Echo, and the creation of new APIs ...

September 26, 2017

Companies are placing a greater value on high performing IT professionals as IT demands continue to escalate, according to Puppet's DevOps Salary Report ...

Share this