So many organizations are using containers to reliably move software applications between environments in order to speed up innovation. However, in our recent DevSecOps survey, 88% of respondents agreed that security was a top concern when deploying containers. And surprisingly, almost half of those same respondents admitted that they did not use any security products to identify vulnerable applications/OS/configurations within their containers.
The good news is that the Nexus Platform can help keep your containers healthy and securely manage them across your DevOps pipeline.
The Nexus Repository Manager, used by more than 120,000 organizations worldwide, securely manages and distributes containers within a DevOps pipeline. In fact, in the same DevSecOps survey, 22% of respondents admitted to using Nexus Repository Manager as a private container registry, second only to Docker and Amazon. You can download Nexus Repository Manager OSS for free and start managing your containers today.
Additionally, Nexus Lifecycle Container Analysis (LCA) gives you the ability to surface intelligence with respect to the quality of open source components inside of a container image and automatically apply and manage policies based on the results. Sonatype’s precise intelligence about the quality of your open source components enables you to enforce your policies with confidence and empower developers to use only the best and most secure components from the very beginning. And it doesn’t stop there. Lifecycle will continuously monitor your containers in production to identify any known vulnerabilities or quality issues.
To learn more about Lifecycle Container Analysis, watch this video.
Topics: DevSecOps, Containers, D