The most important aspect of container image security is managing vulnerabilities. Running containers with vulnerabilities exposes the entire system to attacks and compromises. WhiteSource assists its customers to actively manage and scan the images used in order to discover and remove known vulnerabilities.
WhiteSource for Containers Overview
WhiteSource for Containers is a suite of products to manage vulnerabilities and compliance through the container lifecycle. It covers all the aspects of open-source management in containers and offers a holistic approach to customers willing to ensure security and compliance policies throughout the development lifecycle. In addition to management, policies, and workflows, WhiteSource for Containers provides the option to enforce each one of the company’s policies, and any stage in the DevOps lifecycle: From Build tools, image registries and in production.
Once an image is created, it is automatically recorded in WhiteSource for containers. This can be in a build tool (Jenkins, CircleCI, TeamCity and more) or in one of the image registries (Docker Hub, ECR, Azure Container Service or Artifactory). From that moment on, any change in the image is recorded and saved, and a scan will be triggered. In each point, the user can define a 'gate' containing their security and compliance policy.