ActiveState Platform Demo: Identify Container Vulnerabilities

Watch a 2-minute demo that shows how you can monitor the security and compliance of your Python code running in a Docker container.

  • View a “Bill of Materials” showing all components of an application running in a Docker container
  • Identify vulnerable components in a Docker container
  • Identify outdated components in a Docker container

Learn more about the ActiveState Platform for Open Source Languages.

Everyone runs Docker containers these days, but not everyone has figured out how best to monitor them for security and compliance, especially when it comes to tracking the security and compliance of open-source languages running inside of a Docker container. But that’s where the ActiveState Platform comes in. It lets me identify vulnerabilities and older libraries, and even gives me some insight into open-source licensing issues.

So here I have an application called DockerCon, running inside of a Docker container. If I drill in, what I can see is basically a Bill of Materials for the application running inside the container. Now, this application happens to be a Python application, and I can immediately see that some of these packages are actually out of date because of the X beside the name.

Now all of this is made possible through the use of just two files. Number one, a config file that identifies this application uniquely and reports it back to the platform, and number two, our plugin, which you can just download locally. Then, all you need to do is modify your container build file to add in the ActiveState config file, as well as the ActiveState Platform, and then build your container as usual.

So in this way, you can track any application inside of a Docker container on the ActiveState Platform. It allows you to identify not only what’s running inside that container and all of the components, but any vulnerability as well, when and as it occurs.