Container Security
Top > Transversal > Security > Container SecurityTop > Transversal > Cloud > Container Technology > Container Security
- ARMO (Cyber Armor) - A zero trust solution for Kubernetes (and supporting CI/CD) pipelines that has a special focus on runtime security and the prevention of code injection vulnerabilities. 🌐
- Anchore - An open source Docker image vulnerability solution consisting of two components: Syft and Grype. Syft generates a bill of materials from an image whereas Grype reports known vulnerabilities. 🌐
- Carbon Black - The VMWare Carbon Black platform offers "cloud endpoint security" for hybrid clouds and Kubernetes. In practice, it is an anti-virus, and an event scanning solution but it flirts with other security areas too. It signs the "One Platform" tune rather than specialisation in a given security dimension. 🌐
- Clair - An open source project for the static analysis of vulnerabilities in application containers (currently including OCI and Docker). 🌐
- Falco - An open source solution for runtime container security based on the interception of Kernel syscalls. 🌐
- Harbor - An open source registry that secures artifacts with policies and role-based access control, ensures images are scanned and free from vulnerabilities, and signs images as trusted. 🌐
- Snyk - A vulnerability scanning solution for open source libraries and containers. 🌐
- Trivy - A simple vulnerability scanner for containers and other artifacts. 🌐
- Twistlock - Twistlock offers container image (as well as Production/runtime) vulnerability scanning and threat detection. 🌐
- gVisor - A runtime container sandbox which adds security protection in terms of access to Linux syscalls as well as to the network stack. It is used by GKE by default. 🌐
Before You Leave
🤘 Subscribe to my 100% spam-free newsletter!