Virtualization Technology News and Information
Cavirin Announces Continuous Security Assessment for Docker

cavirin logo 

Cavirin Systems, Inc. announced today support for Docker, addressing security concerns across the container development and deployment lifecycle with capabilities such as image scanning and container hardening, both on-premises and in the cloud. The company will demonstrate these capabilities at booth E4 at DockerCon, taking place in Austin, Texas, April 17-20, 2017.

Image scanning looks at all things within the actual Docker image, including security baselines and whether the system is patched, and can play an important role in the CI/CD pipeline. This capability is critical, since about a third of all container images found in public or even private registries have some serious vulnerabilities when compared against reputable, national vulnerability databases.

"By announcing additional capabilities for Docker security, Cavirin shows its ongoing efforts to support the evolving cloud environment," said Izak Mutlu, Cavirin security advisory board member and former Salesforce CISO. "Providing the visibility and control required across the Docker development and deployment lifecycle arms enterprises with the assurances required to migrate critical workloads onto containers."

"Cavirin is helping its customers run Docker-based applications in a safe and secure way," said Dr. Rao Papolu, CEO of Cavirin. "Our agentless analysis supports discovery and hardening of the full containerized infrastructure stack, to include the Docker engine host, any virtualization, and the containers. It also includes the CIS Docker benchmark, as well as industry standards such as HIPAA, PCI, SOC2 and NIST."

Cavirin also supports Kubernetes deployments, ensuring the security of the container orchestration layer, and has played a leadership role in the security benchmark development. Cavirin's Director of Information Security and Compliance Engineering Pravin Goyal authored the CIS Docker 1.13 Benchmark and is also leading the group community developing the CIS Security Benchmark for Kubernetes 1.6.

How to Contribute to Kubernetes Benchmark Development

Contributing to the CIS Security Benchmark for Kubernetes is easy. Just visit and sign up for the community.

Published Thursday, April 13, 2017 9:01 AM by David Marshall
Filed under: ,
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<April 2017>