Deep Security Smart Check

Protect your container images sooner with automated scanning for advanced security within your CI/CD pipeline

Key Features

Continuous container image scanning optimized for DevOps

Run applications anywhere with security that integrates with your DevOps tools and environments.

  • Scans images at build time and in popular private and cloud registries, including Docker Trusted Registry, Amazon Elastic Container Registry, Azure Container Registry, and Google Container Registry
  • Detects malware, vulnerabilities, and secrets, such as private keys and passwords, through dashboard visibility, logs, and notifications
  • Delivers ongoing protection, powered by the Trend Micro Smart Protection Network™, a world class-system of threat intelligence sensors
  • Deploys as a Kubernetes® helm chart for easy integration in your container and software-build pipeline environment
Windows® Mac® AndroidTM iOS new Power Up

Reduce manual processes with automated container image scanning protection

Enable development and operations to ship fast with automated security via APIs built to improve development cycles, reducing human touch points and errors.

  • Fully automated scanning using Webhooks and a documented, comprehensive suite of APIs
  • Invoked APIs by the CI/CD system to start scans when a container image is pushed to a registry
  • Closed-loop workflow delivers details to developers for remediation
Windows® Mac® AndroidTM iOS new Power Up

Smart protection in the CI/CD pipeline

Reduce disruption of development schedules and workflows with unmatched threat intelligence that maximizes threat detection in your CI/CD pipeline.

  • Advanced analytics, including Trend Micro XGen™ security machine learning, detect real-time, zero-day threats
  • Integrated threat intelligence delivered from millions of sensors with over 3 trillion threat queries annually
  • Identifying almost 7 billion unique threats annually to ensure protection from today’s and tomorrow’s threats through Trend Micro’s Smart Protection Network
Windows® Mac® AndroidTM iOS new Power Up

Compliance-ready protection

Help build secure applications and meet compliance requirements without impacting productivity in the CI/CD pipeline.

  • Vulnerability assessment and malware detection  
  • Simplified audit reporting with log history to help address compliance and governance requests
  • Ensure threats are discovered sooner than later with continuous scanning at the image build stage and in the image registry
Windows® Mac® AndroidTM iOS new Power Up

Kubernetes 1.8.7 or higher

Helm/Tiller 2.8.1 or higher

Docker 17.06 or higher

Detect threats prior to runtime

Uncover vulnerabilities, malware, and sensitive data, such as API keys and passwords, within your Docker® container images

  • Minimise false positives by correlating patch layers with packages that are vulnerable in the same image
  • Address vulnerabilities before they can be exploited at runtime
  • Invoke scans at any stage of the pipeline
  • Results include available fix details

Confidently deploy containers with image assertion

Detect security issues early, enforce policy, and be assured only compliant containers run in production.

  • Build a security policy based on the detection of secrets, keys, malware, and vulnerabilities
  • Allow only images that meet security policy to proceed through the pipeline
  • Take advantage of integration with signing services for risk-based admission control
  • Validate that an image complies with specified security policy before it’s permitted to run in the production environment

Flexibility to fit into your pipeline

Effective security for containers begins with simplified administration of protecting images.

  • Configure authorised users and groups accordingly for role-based access
  • Add and update registries to maximise desired scans
  • Create multiple concurrent scanning scenarios

Get started with Deep Security Smart Check

Build secure

Smart Check is part of our Hybrid Cloud solution, powered by Trend Micro XGen™ technology. This powerful security delivers threat defence techniques for protecting physical, virtual, and cloud workloads, along with build pipeline scanning of container images and runtime protection of containers and the host.