CoreOS is introducing Clair – a tool to monitor the security of containers. The company, in a blog post, said, “We are open sourcing a new project called Clair – an API-driven analysis engine that inspects containers layer-by-layer for known security flaws.”

“Vulnerabilities will always exist in the world of software. Good security practice means being prepared for the mishaps – to identify insecure packages and be prepared to update them quickly. Clair is designed to help you identify insecure packages that may exist in your containers,” the company added.

Using Clair, users can build services that provide continuous monitoring for container vulnerabilities. Clair scans each container layer and provides a notification of vulnerabilities that may be a threat, based on the Common Vulnerabilities and Exposures database and similar databases from Red Hat, Ubuntu, and Debian. Since layers can be shared between many containers, introspection is vital to build an inventory of packages and match that against known CVEs. Automatic detection of vulnerabilities will help increase awareness and encourage action to patch and address the vulnerabilities. When new vulnerabilities are announced, all existing layers are rescanned and notifications are sent.

However, CoreOS stated, “Vulnerabilities often rely on particular conditions in order to be exploited. For example, Heartbleed only matters as a threat if the vulnerable OpenSSL package is installed and being used. Clair isn’t suited for that level of analysis and teams should still undertake deeper analysis as required.”

Clair is the foundation of the beta version of Quay Security Scanning, a new feature running now on Quay to examine the millions of containers stored there for security vulnerabilities.
Quay users can log in to see Security Scanning information in their dashboard, including a list of potentially vulnerable containers in their repositories.
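The pipeline the article describes (replay each layer to build a package inventory, match it against a distribution vulnerability feed, rescan when the feed changes and notify only on what is new) can be sketched in a few dozen lines. The following is an added example written for this page, not Clair's own code: the layer digests, package versions and `VULN-000x` identifiers are constructed placeholders, and `version_key` is a deliberate simplification of the dpkg/rpm version-ordering rules a real scanner implements.

```python
"""Layer-by-layer package inventory matched against a vulnerability feed.

Added example, not Clair's own code. It models the scanning pipeline the
article describes: build an inventory from the image's layers, match it
against a distribution feed, rescan when the feed changes and report the
delta. Version comparison is a constructed simplification of dpkg/rpm rules.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Package:
    name: str
    version: str


@dataclass
class Layer:
    """Package delta one image layer applies on top of its parent."""
    digest: str
    added: tuple = ()      # packages installed or upgraded in this layer
    removed: tuple = ()    # package names removed in this layer


@dataclass(frozen=True)
class Vulnerability:
    """One feed entry; fixed_in == "" means no fixed version exists yet."""
    vuln_id: str
    namespace: str         # distribution namespace, e.g. "debian:8"
    package: str
    fixed_in: str = ""


@dataclass(frozen=True)
class Finding:
    vuln_id: str
    package: Package
    layer: str             # layer that supplied the vulnerable version


def version_key(v: str) -> tuple:
    """Dotted numeric versions only ("1.0.1" < "1.0.2"); constructed simplification."""
    return tuple(int(p) if p.isdigit() else 0 for p in v.split("."))


def inventory(layers: list[Layer]) -> dict[str, tuple[Package, str]]:
    """Replay layers in order; later upgrades and removals override the parent."""
    inv: dict[str, tuple[Package, str]] = {}
    for layer in layers:
        for name in layer.removed:
            inv.pop(name, None)
        for pkg in layer.added:
            inv[pkg.name] = (pkg, layer.digest)
    return inv


def scan(namespace: str, layers: list[Layer], feed: list[Vulnerability]) -> list[Finding]:
    """Flag packages older than the fix (or with no fix) for this namespace.

    A hit means the package is present, not that the flaw is reachable; that
    deeper analysis is out of scope, as the article notes.
    """
    inv = inventory(layers)
    findings = []
    for v in feed:
        if v.namespace != namespace or v.package not in inv:
            continue
        pkg, digest = inv[v.package]
        if not v.fixed_in or version_key(pkg.version) < version_key(v.fixed_in):
            findings.append(Finding(v.vuln_id, pkg, digest))
    return findings


def new_findings(before: list[Finding], after: list[Finding]) -> list[Finding]:
    """Rescan delta: what a notification should carry after a feed update."""
    seen = set(before)
    return [f for f in after if f not in seen]


# Constructed sample image (made-up digests and versions): a base layer and an
# application layer that upgrades openssl and removes curl.
SAMPLE_LAYERS = [
    Layer("sha256:base", added=(Package("openssl", "1.0.1"), Package("bash", "4.3"), Package("curl", "7.38"))),
    Layer("sha256:app", added=(Package("openssl", "1.0.2"),), removed=("curl",)),
]

# Constructed feed with placeholder identifiers, not real advisories.
SAMPLE_FEED = [
    Vulnerability("VULN-0001", "debian:8", "openssl", "1.0.2"),
    Vulnerability("VULN-0002", "debian:8", "bash", "4.4"),
    Vulnerability("VULN-0003", "debian:8", "curl", "7.40"),
    Vulnerability("VULN-0004", "ubuntu:14.04", "bash", "4.4"),
]


def rescan_demo() -> list[Finding]:
    """Simulate a feed update: a new openssl advisory with no fix yet."""
    first = scan("debian:8", SAMPLE_LAYERS, SAMPLE_FEED)
    updated = SAMPLE_FEED + [Vulnerability("VULN-0005", "debian:8", "openssl")]
    return new_findings(first, scan("debian:8", SAMPLE_LAYERS, updated))


if __name__ == "__main__":
    for f in scan("debian:8", SAMPLE_LAYERS, SAMPLE_FEED):
        print("initial:", f)
    for f in rescan_demo():
        print("notify:", f)
```

On the constructed image only `bash` is flagged in the first scan: the application layer's `openssl 1.0.2` already meets the fixed version, `curl` was removed by that layer, and the `ubuntu:14.04` entry is ignored because the image's namespace is `debian:8`. When the simulated feed update adds an `openssl` advisory with no fix, the rescan reports exactly that one new finding, attributed to the layer that supplied the package, which is the delta a notification service would send.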