
A New Version of Mend for Containers is Here

As modern software becomes increasingly cloud-based and containerized, application security tools must adapt to meet new challenges and provide security coverage across the software development lifecycle (SDLC). The use of container platforms like Docker and orchestration tools like Kubernetes inherently solves some security concerns – but containers are not without risk, and can even inject some new risks into your organization’s software.

That’s why we’re excited to announce a new version of Mend for Containers. This set of features allows you to scan container images and registries at scale, provides runtime vulnerability prioritization for Kubernetes clusters, and protects cloud-native applications from vulnerabilities and license risks throughout the SDLC – from code to cloud.

Mend for Containers is built to help your DevSecOps team:

Identify threats faster. There’s an old adage that goes something like: in cybersecurity, the early bird doesn’t get the worm. Identify threats before deployment, when security concerns are cheaper and easier to address. With Mend for Containers, your team can scan while images are still in production and trace vulnerabilities in security images back to their source repository to pinpoint their origin and accelerate the remediation loop.

Prioritize remediation. DevSecOps teams when they hear Jay-Z has 99 problems: must be nice. Get the biggest bang for your security buck by fixing what counts the most. Mend for Containers includes EPSS scores so you can understand your container risk at scale and prioritize vulnerabilities.

Enforce your policies. Your house, your rules. Great security policies are key to keeping organizations safe but they don’t do any good if they’re not enforced. Mend for Containers gives you greater control over your policies and lets you automatically allow or reject container images based on their level of risk, preventing your team from deploying container images that don’t meet production standards for quality and security.

Discover license dependency issues. Oi, mate, you got a license for that software? Keeping track of open-source license compliance can be a headache even on smaller projects and, unsurprisingly, that headache scales. Mend for Containers includes license detection to help you discover dependency license issues introduced in operating system packages.

Keep your secrets safe. Secrets aren’t secrets if you tell everyone. Mend for Containers includes secret detection for container images so you can ensure secrets are appropriately stored before deployment and prevent supply chain attacks.

Stay secure across the entire SDLC. An ounce of prevention is worth 300 bitcoin of cure. It’s been proven time and time again that a holistic attitude is the most effective risk reduction approach for cloud-native applications. Mend for Containers helps you find and remediate risks as they are introduced, including protection from vulnerabilities introduced after pipeline AppSec scanning is complete and Kubernetes (k8s) cluster monitoring of images at runtime. This means visibility on what is actually running, allowing for better prioritization and the ability to maintain high security standards throughout the SDLC, even post-deployment.

Navigating application security for cloud-native software is complex business, and we’re here to help. Mend for Containers is a robust set of enhancements that brings our leading detection and prioritization capabilities to container images and registries, assisting you and your team in reducing risk across the SDLC.

Meet The Author

Jeanette Sherman

Jeanette Sherman has spent her cybersecurity career working to understand and relieve the struggles of security leaders as they work to secure open source. After a youth spent befriending famous hackers, Jeanette has developed a perspective on cybersecurity that takes into account not only today's business needs, but also the thought patterns of real threat actors.
