Virtualization Technology News and Information
Article
RSS
Tripwire Launches Industry-First Advanced Docker Container Vulnerability Scanning, Reducing Security Blind Spots

Tripwire, Inc. announced that Tripwire IP360 now scans for vulnerabilities on non-running Docker containers. This expansion builds upon Tripwire's existing ability to scan running containers, making Tripwire IP360 the industry's first vulnerability management scanner to be truly integrated with these advanced container scanning capabilities. This release provides security teams with unprecedented visibility into DevOps processes.

Tripwire IP360 now allows customers to scan online, offline and non-running containers for vulnerabilities, giving them an enhanced overall view and lowering the chance that vulnerabilities will slip through the cracks during the development stage and into production. This new feature offers stronger security for DevOps processes, whether on-premise or in the cloud.

"Containers, which are lightweight self-contained virtual images designed to execute specific tasks or applications repeatedly and reliably, are often switched from non-running to running and vice versa as they are needed. It's important to scan containers for vulnerabilities no matter what state they are in and to do so regularly because they can be updated often, even in production," said Lamar Bailey, senior director of engineering at Tripwire. "Tripwire IP360 now makes it possible to quickly and reliably scan all Docker containers, whether running or not, which is necessary to reduce the risk of a security breach."

DevOps teams' increasing use of containers to accelerate software development and deployment has added complexity for security teams.

"This addresses a big industry need for security practitioners as they try to keep up with the adoption of DevOps," said Rob Ayoub, Research Director at IDC. "Maintaining visibility of containers and their contents can be challenging, as they tend to be numerous and change often. We've seen solutions that provide insight for running containers, but getting visibility into the non-running containers has been challenging. This new ability to scan both gives security teams the full view they've been looking for."

Bailey added: "Enterprise IT security executives are responsible for actively and continuously reducing security risk to their businesses, which means assessing all of the components on their networks for vulnerabilities. Containers are no exception, so it's important to have thorough vulnerability assessment tools for these as well."

Tripwire IP360 is an industry-leading vulnerability and security risk management solution that comprehensively discovers and profiles network assets. Tripwire IP360 delivers advanced, dynamic prioritization metrics, which combine business asset values with vulnerability scores, making it possible to prioritize security risks in the context of customer businesses.

Published Tuesday, August 08, 2017 9:22 AM by David Marshall
Filed under: ,
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<August 2017>
SuMoTuWeThFrSa
303112345
6789101112
13141516171819
20212223242526
272829303112
3456789