Thursday, March 21, 2019

Anchore - Container Image Scan Engine

The Anchore engine is an open source project that inspects, analyzes and certifies Docker images. Anchore conducts static analysis on container images and applies user-defined acceptance policies to allow automated container image validation and certification. We can use Anchore to gain deep insight into the OS and non-OS packages contained...

Tuesday, March 19, 2019

Container Security - Capabilities

The most common security setting that we apply to containers is setting or dropping capabilities. Capability dropping is a technique where a privileged process revokes a subset of the privileges it is endowed with. Root is the most powerful user. Root has access to everything and can perform anything on anything. Running processes...

Container Security - AppArmor

AppArmor is a Linux kernel security module that can be used to restrict the capabilities of processes running on the host operating system. AppArmor is similar to SELinux, which is used by default in Red Hat Linux or CentOS. AppArmor is used by Ubuntu by default. Both AppArmor and SELinux provide mandatory access control (MAC)...

Saturday, March 16, 2019

Jenkins - Integrating SourceClear with Jenkins

As we already know, SourceClear is a SaaS-based application. We scan the source code on our local machine and the results are sent to the SourceClear website. The results can be viewed with the account that we have signed up for. Integrating software composition analysis tools with continuous integration tools is very important....

Docker - Multi Stage Build

A container is a running instance of an image. When working with Docker and other container technologies, the size of the image may not matter in itself, but larger images will certainly consume a lot of disk space. If we save the images in the local registry or keep them in /var/lib/docker, the disk space needs to be cleared very...

Friday, March 15, 2019

Security - Software Composition Analysis

Security is everyone's job. With that said, security now shifts left and moves to the first phase, which is development. Writing secure code is always necessary. Code can be analysed during the build phases to identify potential vulnerabilities even before going live. But what about the libraries that we import and use in...