Reply to post: Re: If they pass the bug scans, IT ops can deploy the images to production systems as containers.

Docker lets security bug sniffer dogs off the leash at container images

Adam 52 Silver badge

Re: If they pass the bug scans, IT ops can deploy the images to production systems as containers.

We do this now. But we deploy the known vulnerable containers anyway - it's just too hard to patch everything and retest.

We do try to patch important stuff. So, for example, a vulnerability in tiff parsing we'd let through because we never parse tiffs in production. There's risk here of course, but it's part of using Docker in a microservice environment.
