A HOLISTIC SOLUTION FOR YOUR CONTAINER DEVELOPMENT LIFECYCLE:
WhiteSource for Containers provides teams with full visibility and control over their open source usage in container images and containers. It supports the entire container lifecycle via advanced integration with all container registries as well as Kubernetes. The solution monitors and alerts on security and compliance issues from the earliest stages of development all the way through to production.
Supporting over 200 programming languages and many Linux distributions, WhiteSource ensures the accurate detection of all open source components in your products.
CONTINUOUS CONTAINER SECURITY WITH AUTOMATED POLICIES:
WhiteSource for Containers never misses a beat, providing secure management of your container images and containers with continuous security monitoring in CI servers, container registries, during run-time and on Kubernetes.
Our advanced integration enables you to enforce your WhiteSource policies automatically throughout the container lifecycle in order to block vulnerable components from entering production, initiate automated workflows, and get real-time alerts on security and compliance issues.
NATIVE SUPPORT FOR CONTAINER REGISTRIES:
WhiteSource for Containers offers native integrations for Docker Hub, Amazon ECR, Azure Container Registry, Google Cloud Registry, and JFrog Artifactory. The ontroller scans container images including the file system, installed packages, image layers, and handled archive files, to detect security and compliance issues, enforce policies, initiate workflow and support the remediation process.
FULL CONTROL OVER KUBERNETES CONTAINER ORCHESTRATION
The WhiteSource Kubernetes Controller is a designated lightweight pod located inside your Kubernetes cluster. It detects all open source components in your cluster and alerts on issues as per your organizational policies.
The Controller supports all Managed Service Providers (AKS, EKS, and GKE). Our solution also tracks changes (e.g. new deployment or image modifications) to detect new vulnerabilities.