Build and deploy containers and applications securely and at scale.
You use containers to rapidly build, deploy, and scale applications. But as your container cluster grows, validating the contents and security of container images is painful. You need solutions that will scale with your container deployment. By integrating Black Duck with Red Hat’s enterprise container management products, you can automatically scan and monitor all of your container images to gain visibility into and control any security vulnerabilities or policy violations found in your open source code.
Black Duck automatically discovers all images in OpenShift as they are created or updated and knows to scan anything that has changed in your cluster
Black Duck performs deep container inspection on both operating system and application layers to identify open source security vulnerabilities at any stage
Use annotations of vulnerability and policy information sent to OpenShift to gate the instantiation of containers in your cluster
Identify known vulnerabilities for the open source in your applications and containers; find out which ones already have patches available and get remediation guidance for those that don’t
Set policies for open source projects, license types, and vulnerability tolerance; quickly identify policy violations and manage exceptions by project and component
Black Duck will monitor your code and alert you on newly reported open source vulnerabilities associated with open source in use