Do you trust your containers? - Scanning Container Images for Vulnerabilities using OpenSCAP and ManageIQ
ManageIQ is an open source management platform for Hybrid IT. It can manage small and large environments and supports multiple technologies such as virtual machines, public clouds and containers.
Openshift is Red Hat's Paas container solution, managed by a dedicated provider in ManageIQ. It provides inventory reports, metrics collection and visualization, logs, usage reports, cluster deployment operations and security scanning for container images.
As container images may come from various sources, there's a growing need of an analyzing tool. With ManageIQ one is given the option to scan the images and report security vulnerabilities. We will scan Openshift container images using ManageIQ and study the reports generated by OpenSCAP and Smartstate Analysis. We will talk about the image-inspector tool that is used to inspect the images, how it integrates with Openshift as a container and how ManageIQ is connecting to it through Openshift.
Erez is a Software Developer working for Red Hat for the last year as part of the ManageIQ container management team.