Docker Introduces Multiple New Security Efforts including Project Nautilus
FREMONT, CA: As Docker container adoption witnesses’ massive growth, the need for accelerating the container security becomes more essential. To that end, Docker introduces several new security – focused efforts to overcome the steady growth of containers and in a bid to make it safer, reports Sean Michael Kerner for eWEEK.
Docker launches Project Nautilus, an image scanning effort for Docker application images. Project Nautilus provides automated security analysis for images that are hosted on the Docker Hub image repository.
Part of the Docker Content Trust leverages open-source Notary project and rest relies on encryption keys. Docker has further announced the support for hardware encryption with Yubico USB Keys that are compliant with the FIDO Alliance Universal Second Factor (U2F) specification. This Yubico key uses a hardware-encrypted token which never reveals the private root encryption key that is used to sign an application image.
Nautilus does deep content analysis helps developers secure their new or existing software update systems, which are already known and found in existing Linux distribution vulnerability databases. The new security effort of docker also aims to improve security visibility and control by supporting user namespaces, and also provides control for individual applications and processes that run on Docker.
"You can give developers the most secure tools in the world, but if the tools get in the way, they won't use it and the result is unusable security, which is really not security at all. By providing usable security tools, we can move the needle on improving security for everyone.” says Hykes
By Michael Hedges, VP and CIO, Medtronic
By Susan Doniz, Global CIO, Aimia
By Scott Welty, VP-Retail Strategy, JDA Software
By Deborah Gash, VP & CIO, Saint Luke’s Health System
By Bill Krivoshik, SVP & CIO, Time Warner Inc.
By Alberto Ruocco, CIO, American Electric Power
By Lisa Feldner, VC for Institutional Research & IT, North...
By Jim Kaskade, VP and GM, Big Data & Analytics, CSC
By Tom West, M.B.A., CIO, Nova Southeastern University
By Laura Jackson, Sr. Manager-Risk Management, ABS Consulting
By Bob Fecteau, CIO, SAIC
By Edward Grassia, CIO, Washoe County School District
By Henry Bailey, Global VP, Utilities IBU, SAP
By Elizabeth Hackenson, CIO & SVP of Global Business...
By Rosello, SVP & CIOO, Alliance Data Card Services
By Joseph Santamaria, CIO, PSEG [NYSE: PEG]
By Bill Schimikowski, VP, Customer Experience, Fidelity...
By Chad Lindbloom, CIO, C.H. Robinson
By Denise Zabawski, CIO, Nationwide Children's Hospital
By Charles Koontz, President & CEO, GE Healthcare IT & Chief...