“At-a-Glance” Dashboard Visibility
Dashboards give IT security managers “at-a-glance” visibility into both container image inventory and security. Security teams can view vulnerability, malware and other security data for all container images, as well as the distribution of vulnerabilities across images by CVSS score and risk level.
Continuous Assessment Identifies New Threats
Tenable.io Container Security continuously monitors vulnerability databases for new vulnerabilities. When one is identified, it automatically re-scans all stored container images against the new vulnerability. Subsequently, the product automatically scans new container images for the vulnerability, ensuring continuous protection.
Malware Protection for Containers
Tenable.io Container Security is the only container security solution that assesses container image source code for malware. It uses a custom-built malware detection engine to analyze container image source code and help ensure images are malware free.
Enterprise Policy Enforcement
Enterprise policy compliance can be optionally enforced by monitoring container images for factors such as overall risk score and the presence of malware. If an image is created that exceeds the organization’s risk threshold, developers can be notified immediately, with layer-specific information provided to help them rapidly remediate the flaws. Policy violations can trigger alerting or can optionally block specific images from being deployed. Policies can apply globally or only to images in specific repositories.
Accelerate DevOps by Pinpointing Security Risks
In addition to providing a view of images by repository, it performs an in-depth vulnerability assessment on container images as they are pushed into Tenable.io Container Security. It conducts a full inventory of image layers and components – listing the application, dependencies, libraries, binaries and configuration files. This fast and comprehensive view of vulnerabilities combined with layer hierarchy intelligence provides a detailed assessment of container image risk, by repository, ensuring developers don’t waste time searching for vulnerabilities or fixing issues that are mitigated in a higher layer. This enables developers to quickly remediate potential container risks and push secure code even faster.
Embed Security Into Your DevOps Toolchain
Tenable.io Container Security can optionally – and seamlessly – embed security testing into the software development tooling, without blocking or disrupting existing development processes and workflows. The product provides out-of-the-box integrations with common build systems such as Jenkins, Bamboo, Shippable, Travis CI and others.
Watch the On-Demand Webinar “Demo: Using Tenable.io to Secure Containers in a DevOps World”
See how Tenable.io Container Security provides visibility into your current container usage and container security risks, integrates into existing DevOps workflows without disruption and offers a policy-based approach to securing containers.