Google Cloud Service launches automatic scanning of container vulnerabilities to enhance cloud environment security
The container technology represented by the DOCKER is now a popular virtualisation technology, and this technology has been widely used in primary public cloud services.
But the security aspect is undoubtedly the most concerned issue for public cloud service providers and users, so Google began to launch automated scanning of container repository vulnerabilities.
In specific use, Google uses machine learning technology to scan before deploying containers. If a vulnerability is detected, developers will be prompted not to implement a formal environment.
Upload scan and install scan:
Of course, this service only supports Google’s cloud computing business, and Google will start scanning when developers upload container images or packaged image images.
The image is divided into trusted sources and has not been modified, and the developer has customised. The former will compare the image hash value to ensure that there is no tampering.
For developers to customise the uploaded package image Google is mainly scanning for vulnerabilities, after the scan is completed will indicate the severity of the vulnerability and related solutions.
Google wants to address security issues before developers deploy container images to the formal environment, ensuring that developers don’t miss or forget potential security holes.
Google said it is vital to strengthen system security:
It is very important to enhance system security to resolve vulnerabilities, and Google’s automation server can significantly reduce developer time.
To ensure that the security of the deployment environment is less risky, Google said that the security management process must be automated throughout the process rather than using emergency manual operations.
At the same time, Google will also strengthen the strict management of external images to ensure that public images are the official version of the environment without any tampering, to ensure that developers use security.