Docker Security Scanning now available to Docker cloud users

Popular container technology provider Docker announced that its security scanning product, formerly codenamed project Nautilus, is now generally available.

Aptly named Docker Security Scanning, the service provides detailed analysis of Docker application images hosted on the Docker Hub image repository.

In many ways, Docker equates applications with content when it comes to security. In the latest release of Docker 1.8, the goal was to figure out who created that content. Now, the goal is to determine what exactly is inside the content.

That said, Docker Security Scanning is designed to spot any components lurking inside an image that may be vulnerable to known exploits. From a business perspective, this leads to faster deployment of apps for developers and proactive risk management for operations, the company said.

Docker said Security Scanning is now available as a limited time free trial for three months, where Docker cloud users will be able to scan their private repos for vulnerable image components. The company said the service has so far secured more than 400 million pulls of Official Repos in last six months.

It will arrive on the on-premises component, Docker Datacenter, sometime in the coming year.

In addition to Docker Security Scanning, Docker is also updating the Docker Bench for Security. The tool can be used to check host configuration and can audit a hose against specific recommendations.

READ MORE:

• Docker's Unikernel acquisition: The Microsoft angle
• Amazon adds Docker registry to fill in "core" gap in its cloud
• Docker improves container security and management
• Docker rounds out management team with new CFO
• What is Docker and why is it so darn popular?