Software containers (Docker and other formats) are rapidly being adopted in enterprise deployments, but present unique security challenges due to the scale, agility and open nature of the container operating environment. The rapid DevOps process that is often behind container deployments, as well as the inclusion of many open source components, require tight governance of the process from the development phase and beyond.
Aqua’s container security solution was architected specifically to address the challenges of visibility, control, isolation, intrusion detection and intrusion prevention in container environments, while remaining transparent and non-intrusive to DevOps, allowing organizations to reap the business benefits of containers without increasing their risk profile.
Microsoft VSTS users can integrate with Aqua’s continuous image assurance, which is the most comprehensive, automated solution on the market for scanning and locking down container images, with deep scanning of container layers for vulnerabilities, and persistent controls to assure image integrity throughout its lifecycle.
What is the Aqua Security VSTS Integration?
This extension allows you to add a step to your Docker Image build process, where image can be checked for security vulnerabilities before it is pushed to your registry. Aqua Security assessment can be configured to fail the build in case it conflict with an Image Assurance policy defined in the Aqua Security Command Center.