Today Red Hat announced a new certification program for container images. Key to this announcement is the concept of a container health index that is used to grade a container which is “determined by Red Hat’s evaluation of the level of critical or important security errata that is missing from an image”.
Over the last 2 months we ran a short survey to collect information about Container usage. The survey was slightly shorter than the one we performed in conjunction with DevOps.com and Redmonk 6 months ago, but provides deep insight into how the container ecosystem has shifted and continued to evolve over a short period of time. Running multiple surveys gives us ability to see trends develop and as we review the results of each survey we think of new questions to ask in the next survey to dig deeper.
Today we have released an update to our popular open source Jenkins plugin adding a number of powerful new features.
Using Anchore’s freely available and open source Jenkins plugin you can secure your Jenkins pipeline in less than 30 minutes adding image scanning including not just CVE based security scans but policy based scans that can include checks around security, compliance and operational best practices.