Over a million developers have joined DZone.

CoreOS Releases Clair — Open Source Container Security Monitoring

DZone's Guide to

CoreOS Releases Clair — Open Source Container Security Monitoring

CoreOS releases a new open source tool to monitor the security vulnerabilities of your containers.

· DevOps Zone
Free Resource

The DevOps Zone is brought to you in partnership with Sonatype Nexus. The Nexus Suite helps scale your DevOps delivery with continuous component intelligence integrated into development tools, including Eclipse, IntelliJ, Jenkins, Bamboo, SonarQube and more. Schedule a demo today

On November 13th, CoreOS announced a new security monitoring tool called Clair. Clair is open source, and is designed to monitor the security of containers. In addition, CoreOS’ container registry tool, Quay, will release a new feature in beta, called Security Scanning, which is powered by Clair. 

When a vulnerability is detected by Clair, a notification is automatically sent to the administrators. A severity level is assigned to it based on databases compiled by Red Hat, Ubuntu, and Debian. A description of the breach with resources to fix it is included in the notification.

This feature has already scanned millions of containers on Quay, and has discovered that nearly 80% are vulnerable to major bugs, including Heartbleed. Since CoreOS includes an automatic patch for Heartbleed, Clair will patch for Heartbleed at the container level. This only matters if OpenSSL is installed and used, of course, but Clair is not designed for that level of analysis, so teams should still dive deeper into vulnerabilities as required.

Clair is now available on GitHub.

The DevOps Zone is brought to you in partnership with Sonatype Nexus. Use the Nexus Suite to automate your software supply chain and ensure you're using the highest quality open source components at every step of the development lifecycle. Get Nexus today

security ,coreos ,containers

Opinions expressed by DZone contributors are their own.


Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.


{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}