Cloud and container firm Mirantis has released Mirantis Secure Registry 3.0, formerly called Docker Trusted Registry, which enables the creation and deployment of secure container registries across all types of Kubernetes
distributions and which can be used for the development of a secure software supply chain, ZDNet
“MSR provides verification and trust in software artifacts with policies and role-based access control to ensure that container images are scanned and free from vulnerabilities,” said Mirantis Chief Technology Officer Adam Parco.
MSR scans for known security problems in images by deploying an image-scanning Common Vulnerabilities and Exposures (CVE) PostgreSQL database server, and once verified according to the user’s defined security parameters, the images can be automatically promoted out of testing into production.
The enterprise-grade solution allows users to access a container image registry with security capabilities exceeding those of public registries, verify and trust integration with Continuous Integration/Continuous Delivery pipelines as well as automated operations for faster application testing and delivery, and use the system with their other apps in any standard distribution of Kubernetes 1.20 and above using standard Helm techniques.