Enable javascript in your browser for better experience. Need to know to enable it? Go here.
radar blip
radar blip

Container security scanning

本页面中的信息并不完全以您的首选语言展示,我们正在完善其他语言版本。想要以您的首选语言了解相关信息,可以点击这里下载PDF。
更新于 : Nov 20, 2019
不在本期内容中
这一条目不在当前版本的技术雷达中。如果它出现在最近几期中,那么它很有可能仍然具有相关参考价值。如果这一条目出现在更早的雷达中,那么它很有可能已经不再具有相关性,我们的评估将不再适用于当下。很遗憾我们没有足够的带宽来持续评估以往的雷达内容。 了解更多
Nov 2019
Adopt ? 我们强烈建议业界采用这些技术,我们将会在任何合适的项目中使用它们。

持续采用容器的方式进行部署,尤其是Docker,让容器安全扫描变成了必不可少的技术,我们已将该技术移至“采纳”中以体现这一点。具体来说,容器为安全问题带来了一条新的途径,在部署过程中使用工具扫描和检查容器尤为重要。我们更愿意将自动化扫描工具的运行作为部署流水线的一部分。

Apr 2019
Trial ? 值得一试。了解为何要构建这一能力是很重要的。企业应当在风险可控的前提下在项目中尝试应用此项技术。

The container revolution around Docker has massively reduced the friction in moving applications between environments, fueling increased adoption of continuous delivery and continuous deployments. The latter, especially, has blown a rather large hole in the traditional controls over what can go to production. The technique of container security scanning is a necessary response to this threat vector. Tools in the build pipeline automatically check containers flowing through the pipeline against known vulnerabilities. Since our first mention of this technique, the tool landscape has matured and the technique has proven useful on development efforts with our clients.

Mar 2017
Assess ? 在了解它将对你的企业产生什么影响的前提下值得探索

The container revolution instigated by Docker has massively reduced the friction in moving applications between environments but at the same time has blown a rather large hole in the traditional controls over what can go to production. The technique of container security scanning is a necessary response to this threat vector. Docker now provides its own security scanning tools, as does CoreOS, and we've also had success with the CIS Security Benchmarks. Whichever approach you take, we believe the topic of automated container security validation is of high value and a necessary part of PaaS thinking.

Nov 2016
Assess ? 在了解它将对你的企业产生什么影响的前提下值得探索

The container revolution instigated by Docker has massively reduced the friction in moving applications between environments but at the same time has blown a rather large hole in the traditional controls over what can go to production. The technique of container security scanning is a necessary response to this threat vector. Docker now provides its own security scanning tools, as does CoreOS, and we’ve also had success with the CIS Security Benchmarks. Whichever approach you take, we believe the topic of automated container security validation is of high value and a necessary part of PaaS thinking.

发布于 : Nov 07, 2016

下载第29期技术雷达

English | Español | Português | 中文

获取最新技术洞见

 

立即订阅

查看存档并阅读往期内容