Cloud One – Container Image Security

Simplified security for your cloud- native applications with automated container image and registry scanning

Key Features

Protect your container images sooner for optimal detection

Build better applications with security that’s easy to integrate into your DevOps tool chain.

  • Detects more malware, vulnerabilities, secrets, keys, and passwords, with complete visibility through your command shell, advanced dashboards, logs, and notifications
  • Scans images at build time and removes threats before the image is saved to your registry
  • Scans your approved images in your registry for any new threats or zero days
Windows® Mac® AndroidTM iOS new Power Up

Reduce manual processes with automated container image scanning protection

  • Simplify your secure build process with our public automation center for code snippets, documentation, support, and more
  • Access a complete set of security APIs for dev tools, such as Jenkins, Kubernetes, and container platform
  • Direct feedback from email and community platforms, like Slack® and ServiceNow®, helps mitigate issues and expedite resolutions
Windows® Mac® AndroidTM iOS new Power Up

Smart protection in the CI/CD pipeline

Reduce disruption of development schedules and workflows with unmatched threat intelligence that maximizes threat detection in your CI/CD pipeline.

  • Advanced analytics, including machine learning, to detect real-time, zero-day threats
  • Integrated threat intelligence delivered from millions of sensors with over 3 trillion threat queries annually
  • Insightful protection, identifying almost 7 billion unique threats annually to ensure protection from today’s and tomorrow’s threats through Trend Micro’s Smart Protection Network
Windows® Mac® AndroidTM iOS new Power Up

Compliance-ready protection

Secure your applications and meet compliance requirements without impacting productivity in the CI/CD pipeline.

  • Vulnerability assessment and malware detection  
  • Simplified audit reporting with log history to help address compliance and governance requests
  • Ensure threats are discovered sooner than later with continuous scanning at the image build stage and in the image registry
Windows® Mac® AndroidTM iOS new Power Up

Kubernetes 1.8.7 or higher

Helm/Tiller 2.8.1 or higher

Docker 17.06 or higher

Detect threats prior to runtime

Uncover vulnerabilities, malware, and sensitive data, such as API keys and passwords, within your container images

  • Minimize false positives by correlating patch layers with packages that are vulnerable in the same image
  • Address vulnerabilities before they can be exploited at runtime
  • Invoke scans at any stage of your pipeline
  • Results include available fix details

Confidently deploy containers with image assertion

Detect security issues early, enforce policy, and be assured only compliant containers run in production.

  • Build a security policy based on the detection of secrets, keys, malware, and vulnerabilities
  • Only allow images that meet security policy to proceed through the pipeline
  • Take advantage of integration with signing services for risk-based admission control
  • Validate that an image complies with a specified security policy before it’s permitted to run in the production environment

Flexibility to fit into your pipeline

Effective security for containers begins with simplified administration of protecting images.

  • Deploys as a Kubernetes® helm chart for easy integration into your container and software-build pipeline environment
  • Configure authorized users and groups accordingly for role-based access
  • Add and update registries to maximize desired scans
  • Create multiple concurrent scanning scenarios

Other Cloud One services

Trend Micro Cloud One™ – Container Image Security is part of Trend Micro Cloud One™, a security services platform for cloud builders, which includes:

Get started with Container Image Security