preloder
5 CI/CD Platforms and How They Leverage Docker Container Technology

5 CI/CD Platforms and How They Leverage Docker Container Technology

As containers have exploded onto the IT landscape over the last few years, more and more companies are turning to Docker to provide a quick and effective means to release software at a faster pace.

This shift has caused many Continuous Integration and Continuous Delivery (CI/CD) tools and companies to strategically create and weave new container native solutions into their platforms.

In this blog we’ll take a look at some of the top CI/CD players in the game and the shifts they’ve made to support their users in this brave new world of containers.

A Policy Based Approach to Container Security and Compliance

A Policy Based Approach to Container Security and Compliance

At Anchore, we take a preventative, policy-based compliance approach, specific to organizational needs. Our philosophy of scanning and evaluating Docker images against user-defined policies as early as possible in the development lifecycle, greatly reduces vulnerable, non-compliant images from making their way into trusted container registries and production environments.

But what do we mean by ‘policy based compliance’? And what are some of the best practices organizations can adopt to help achieve their own compliance needs? In this post we will first define compliance, and then cover a few steps development teams can take to help to bolster their container security.

Improving Open Source Security with Anchore & Snyk

Improving Open Source Security with Anchore & Snyk

Open source software components and dependencies are increasingly making up a vast majority of software applications. Along with the increased usage of OSS comes the inherent security risks these packages present. Enterprises looking to adopt a greater open source footprint should also employ effective tooling and processes to identify, manage, and mitigate the potential risks these libraries impose.

Admission Control in Kubernetes with Anchore

Our focus at Anchore is analyzing, validating, and evaluating docker images against custom policies to give users visibility, control-of, and confidence-in their container images before they ever execute. And, its open-source. In this post, I’ll show how to use the new Anchore admission controller for kubernetes to gate execution of docker images in kubernetes according to criteria expressed in Anchore policies such as: security vulnerabilities, package manifests, image build-instructions, image source, and the other aspects of image content that Anchore Engine can expose via policy.