InsightVM integrates with your CI/CD tools, public container repositories, and private repositories to assess container images for vulnerabilities during the build process—before they're deployed. Need to identify containers in your environment? Discover and correlate deployed containers to assets, so you can then secure both containers and their hosts.
Container images waiting to be spun up in production sit in public and private repositories. Connect InsightVM to these repositories to maintain constant visibility into their risk, even if the vulnerabilities associated with an image change after the image has been uploaded.
To ensure vulnerable containers stay out of production environments, integrate InsightVM with your CI/CD tools like Jenkins. Customizable thresholds allow you to determine if builds should be marked as failed, unstable, or passed based on your risk tolerance or other criteria.
Containers can be spun up quickly and easily. This massive benefit for production teams can be a serious concern for security teams if they are not kept in the loop. InsightVM will identify previously unknown containers and container hosts alongside other routine vulnerability assessment tasks.