Utility safety firm Veracode has introduced that its Steady Software program Safety Platform now helps container safety.
Based on Veracode, containers endure from loads of the identical points as conventional bodily or digital server {hardware}. This contains issues like poorly managed secrets and techniques and safety misconfigurations, each of that are addressed by Veracode’s resolution.
Veracode additionally famous that one other problem corporations could face is that loads of current container safety instruments are for safety at runtime, which is previous the event course of. This new resolution integrates into the CI/CD pipeline, which permits builders to remediate vulnerabilities earlier than they make their means into manufacturing.
Outcomes of safety scans can be found in various codecs, comparable to textual content, JSON, and Software program Invoice of Supplies. This makes it straightforward to combine with different instruments.
“As builders embrace cloud-native computing practices, containers have turn into more and more necessary for enterprise effectivity,” mentioned Brian Roche, chief product officer at Veracode. “This launch helps shut a considerable hole out there for developer-friendly options that cowl important capabilities for container safety. We’re excited to deliver this subsequent enhancement of our platform to the market and empower prospects to handle safety testing for extra trendy architectures and deployment kinds.”