Enforce Docker image CIS policy compliance with Tripwire For DevOps

Enforce Docker Image CIS Policy Compliance with Tripwire for DevOps

We are working hard adding features to our new Tripwire for DevOps service, initially announced at BlackHat 2018. If you are a loyal State of Security follower, last you read we added Auditing for Amazon Machine Images (aka AMIs). Today, we are introducing CIS policy compliance auditing for Docker images ... Read More
Stop Writing Classes

A Clean Start: Finding Vulnerabilities in your Docker Base Images

The ability to find and use a free public Docker base image makes it easy to bootstrap the creation of a new Microservice. However, “easy” doesn’t equate to “good.” Using a Docker base image is much like including an external library. It’s really important to know what baggage you are ... Read More