Black Duck OpsSight helps you prevent known open source vulnerabilities from being deployed into production environments. With OpsSight, you can:
With OpsSight you have unprecedented visibility into the open source components and any associated security vulnerabilities that exist in the container images you create and those that are running in production. Black Duck OpsSight integrates directly into your container orchestration platforms, ensuring that you have the visibility and control you need to minimize risk to your applications.
OpsSight works with your container orchestration platform to scan any container image as it is utilized within the cluster and report on any known vulnerabilities by checking against our comprehensive KnowledgeBase.
OpsSight listens for any changes within your orchestration platform’s event streams. If any container images are altered, OpsSight automatically scans the image and will reassess the open source risk in the code.
OpsSight continuously monitors for new open source security disclosures and component changes for the open source found in your container images. It alerts you to any changes in risk since the container image was last updated.
Scan results are placed as metadata on the container image so you can display vulnerability risk and enforce policies directly from the console of your container orchestration platform.