Setting up a secure Docker image scanning solution with Anchore and Drone CI
· โ˜• 3 min read · โœ๏ธ Sathya
A while back I had done a round up of a few container scanning solutions and had mentioned I wanted to take another look at Anchore. The past few days, I’ve been playing a bit with Anchore - this time, integrating it with Drone CI. Drone is a “Container-Native, Continuous Delivery Platform” built using Go. It makes use of a YAML file, .drone.yml to define and execute the pipeline. End Goal For this project, we will be integrating Drone and Anchore.

So I wrote a book: presenting Practical Docker With Python
· โ˜• 2 min read · โœ๏ธ Sathya
With a copy of the cover! So yeah that actually happened! I’ve always wanted to publish a book and thanks to Apress publishing - that is a reality now. The book is titled “Practical Docker With Python:ย Build, Release and Distribute your Python App with Docker” and is targeted at people who are new to Docker and want to containerizeย their application (with an example Python chat bot).

On Securing Containers and Open Source tools for scanning vulnerabilities in Docker images
· โ˜• 1 min read · โœ๏ธ Sathya
I recently published couple of articles elsewhere: How to Increase Container Security and Ward Off Threats - Adobe Tech Blog 5 OpenSource tools for container security - Scanning Docker Images for Vulnerabilities with Aqua Microscanner - previously, on my blog Do give them a read.

Scanning Docker Image for Vulnerabilities with Aqua MicroScanner
· โ˜• 3 min read · โœ๏ธ Sathya

Containers are slowly becoming the standardized units of deployment. As containers become more popular, they also become the focus targets for attacking the system via vulnerabilities present in the packages within the image. There are quite a few container vulnerability scanning solutions (example: Clair, Twistlock, now Prisma Cloud, Aqua โ€“ however most of them are either commercial or require an elaborate setup, which makes it difficult for individual developers to involve them as part of the container build process.