

Sysdig Inc. debuted a new version of its software container security platform at the DockerCon conference today, with features to prevent code vulnerabilities from making their way into enterprise applications.
Many factors can lead to a security weakness slipping through the cracks. One of them, according to Sysdig, is that companies often push back vulnerability testing until the later stages of the development cycle. Today’s update aims to facilitate an alternative approach.
At the core of Sysdig Secure 2.0 is a scanner that can automatically check software libraries, packages and configuration settings for vulnerabilities. Freeing up developers from having to run security assessments manually could make it much more practical to perform testing on a regular basis. This is especially true in fast-paced software projects that rely on containers.
Enterprises are rapidly embracing containers because they allow for software to be deployed in a lightweight and highly portable form without rewriting. The technology’s flexibility can help development teams ship code faster, but shorter release cycles come at a cost: They leave less time for engineers to focus on security.
Sysdig Secure 2.0 lets companies integrate its automated vulnerability scanner directly into their development workflows via a new connector for Jenkins, the ubiquitous code management tool. The platform blocks code from getting released if it’s found to contain vulnerabilities.
Sysdig Secure is useful for catching other types of issues as well. For instance, companies can use the platform to flag application components that violate the privacy rules outlined in Europe’s recently implemented General Data Protection Regulation. Sysdig said it has added over 200 new compliance checks as part of the release.
On top of blocking vulnerable code, Sysdig Secure 2.0 also focuses on easing the detection of vulnerabilities that already exist in live production applications. The platform can quarantine or terminate vulnerable containers depending on the severity of the threat.
For a high-level view of exactly how much security risk exists in an environment, administrators can turn to the expanded analytics console included in the release. Sysdig said the dashboard not only offers insight into specific containers or servers but also provides higher-level context about the business assets they underpin.