|
|
Subscribe / Log in / New account

The "Clair" security scanner

[Posted November 13, 2015 by corbet]

CoreOS has announced the release of a container-security tool called Clair. "Clair scans each container layer and provides a notification of vulnerabilities that may be a threat, based on the Common Vulnerabilities and Exposures database (CVE) and similar databases from Red Hat, Ubuntu, and Debian. Since layers can be shared between many containers, introspection is vital to build an inventory of packages and match that against known CVEs."
to post comments

The "Clair" security scanner

Posted Nov 13, 2015 21:51 UTC (Fri) by linusw (subscriber, #40300) [Link] (2 responses)

I think I need to invent a tool that not only detects the vulnerabilities but also self-heals and fix them, and name it Claire Bennet.

The "Clair" security scanner

Posted Nov 14, 2015 11:46 UTC (Sat) by mbunkus (subscriber, #87248) [Link]

Save the container, save the world? :)

The "Clair" security scanner

Posted Nov 15, 2015 16:44 UTC (Sun) by aj (subscriber, #39001) [Link]

zypper-docker is such a tool, it can search for CVEs and also patch:
https://github.com/SUSE/zypper-docker


Copyright © 2015, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds