TALKING

To move fast and stay secure , every organisation needs visibility of its cloud security posture . This ensures that security remains the enabler for cloud transformation .

Guard against container image vulnerabilities with Cloud Optix

Cloud Optix , the Sophos Cloud Security Posture Management service , helps prevent security breaches by providing both visibility of container assets and scanning to identify exploitable weak points in container images .

• IaC environments ( Bitbucket and GitHub )

• Images in build pipelines ( using the Cloud Optix API )

Thanks to the SaaS-based , agentless service , there ’ s nothing to install – making this new Cloud Optix capability easy to set up .

Once customers link their container registries to Cloud Optix , they will see details of scans performed , images queued for scanning and vulnerabilities detected .

The image-scanning process is regularly repeated automatically to identify new vulnerabilities and available fixes to existing container images .

Alerts for images with critical vulnerabilities can be sent to development teams via Jira , ServiceNow , Slack and Microsoft Teams integrations , providing visibility of security vulnerabilities and the tracking of fixes .

With Cloud Optix , organisations can scan container images pre-deployment to prevent threats from operating system vulnerabilities and identify newer versions of the image that may contain fixes .

With container vulnerability scanning from Sophos , you can ensure breach points are blocked before they can be compromised . p

This approach paves the way for security teams to enjoy fast and secure development by enabling DevOps teams to scan container images for security vulnerabilities in the following locations :

• Amazon Elastic Container Registries ( ECR )

• Microsoft Azure Container Registries ( ACR )

• Docker Hub registries

38 INTELLIGENTCIO MIDDLE EAST www . intelligentcio . com