Aqua Security debuts open-source container image registry scanner
Container security startup Aqua Security Software Ltd. announced today that its open-source tool for scanning container images is now integrated by default with registries from Docker Inc. and the Mirantis Docker Enterprise platform, as well as Harbor, an open-source image registry project run by the Cloud Native Computing Foundation.
Aqua sells a Cloud Native Security Platform for software containers, which are used to host applications that can run on any computing platform.
Its software gives developers the ability to automate and improve container security and compliance posture, monitor usage and control user access. It provides granular controls over container and serverless security, supports both Docker and Windows containers, and can be deployed on-premises.
The Trivy scanner is just one component of Aqua’s platform, and was first released as an open-source project late last year. It has already attracted a “broad following” on the GitHub code hosting repository, the company said. The rapid adoption of Trivy is due to its ability to handle both operating systems and their programming language dependencies, which makes it easier to integrate with existing software development pipelines.
Trivy is available under an Apache Foundation license that allows royalty-free use and distribution.
Mirantis Inc., which acquired Docker Inc.’s enterprise platform last year, said it’s integrating Trivy with its trusted registry that runs on the Docker platform.
Trivy is also now the default image scanner in the latest version of Harbor. It allows users to secure container images through role-based access controls, and then scans the images for vulnerabilities. Once done, all trusted images are then verified as safe.
The software is just one of several open-source security projects aimed at cloud-native platforms that Aqua Security either leads or participates in, officials said. It’s also involved in the development of kube-bench, which is a tool that helps to determine if the cluster orchestration software is properly configured.
Aqua Security has also built a tool called kube-hunter, which is used to screen container clusters for vulnerabilities.
Image: Aqua Security
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU