Concerned about container security? Try the Sonatype Platform

Many organizations use containers to reliably move software applications between environments and speed up innovation. However, in our recent DevSecOps survey, 88% of respondents agreed that security was a top concern when deploying containers. Surprisingly, almost half of those same respondents admitted that they did not use any security products to identify vulnerable applications, operating systems, or configurations within their containers.

The good news is that the Sonatype Platform can help keep your containers healthy and securely manage them across your DevOps pipeline.

Sonatype Nexus Repository, used by more than 120,000 organizations worldwide, securely manages and distributes containers within a DevOps pipeline. In fact, in the same DevSecOps survey, 22% of respondents admitted to using Sonatype Nexus Repository as a private container registry, second only to Docker and Amazon. You can download Sonatype Nexus Repository Community Edition for free and start managing your containers today.

Additionally, Sonatype Container surfaces intelligence about the quality of the open source components inside a container image and lets you automatically apply and manage policies based on the results. Sonatype's precise intelligence about the quality of your open source components enables you to enforce your policies with confidence and empower developers to use only the best and most secure components from the very beginning. And it doesn't stop there. Sonatype Container will continuously monitor your containers in production to identify any known vulnerabilities or quality issues.

Written by Michelle Dufty

Michelle Dufty is the Senior Director of Product Marketing at Sonatype where she brings solutions to market that unite development, security, and operations teams to accelerate software innovation while minimizing open source risk.