Part 2 of 2 In part one of this blog post, we mentioned a pain point in Container based environments. We introduced SCAP as a means to measure compliance in computer systems and introduced ManageIQ as a means of automating Cloud & Container based workflows. Tutorial: Using the OpenSCAP integration in ManageIQ In ManageIQ we have been working on leveraging OpenSCAP to show container images that infringe known vulnerabilities based on the latest CVE content distributed by Red Hat. Integrating...
Part 1 of 2 "Docker is about running random crap from the Internet as root on your host" - Dan Walsh Do you trust your containers? In container-based development flows, a developer will create an image to be the base for an application. Images are stateless, read only, and they are built in layers. These layers represent everything in an application's runtime environment but the kernel, which will be “borrowed” from the hosting machine. Such layers include distribution, packages, environment...
