Scheduled scans using Ansible Tower for Docker security
Continuous security processes are all about the loop of planning, doing, measuring, and acting:
The Deming Cycle from Wikimedia Commons
By following standard checklists and benchmarks and using Ansible to execute them on containers, we can check for security issues and act on them. Anchore is an analysis and inspection platform for containers.
Anchore – open container compliance platform
Anchore is one of the most popular tools and services for the analysis, inspection, and certification of container images. It provides multiple services and platforms to set up; the most stable and powerful way is to set up the local service using Anchore Engine, which can be accessed via the REST API. In the following documentation, we will see how to set up the service using Anchore Engine and how we can use this REST API to perform continuous security scanning and analysis of Docker containers.
The following items are high-level operations Anchore...