Docker has extended its strategic collaboration with Microsoft to simplify code to cloud application development for developers and development teams by more closely integrating with Azure Container Instances (ACI).
Sonatype released a new version of its Nexus Lifecycle product which now includes a built-in service that enables software development teams to automatically and continuously examine the security and quality of open source components used within container images.
The free service, known as Lifecycle Container Analysis (LCA), gives customers the ability to surface intelligence with respect to the quality of open source components inside of a container image and automatically apply and manage policies based on the results.
With LCA, Nexus Lifecycle customers can now automatically govern open source hygiene for containerized applications in the same way they have long governed hygiene for non-containerized applications.
Additionally, by using Sonatype’s Nexus Repository as a free, private Docker registry, these same customers can easily organize, manage, and distribute trusted containers across their DevOps pipelines.
Wayne Jackson, CEO, Sonatype, said: "Rather than treating security as an afterthought, high performance technology organizations view containers as an unprecedented opportunity to embed automated security controls into every phase of the software delivery pipeline. We have hundreds of enterprise customers like Goldman Sachs, Intuit, and Liberty Mutual already using Nexus Lifecycle to continuously govern the security and quality of open source components being used within their applications -- and beginning today the remarkable intelligence of Nexus Lifecycle has been extended to containers as well.”