Compliance and Audit

Compliance check dashboard

Features

  • Supports all popular container registries, such as Docker, Quay, etc.
  • Detailed compliance policy definition for vulnerabilities, packages and open source licenses
  • Registry crawler provides a comprehensive list of images that have not been checked for compliance
  • Predefined templates for PCI and HIPAA compliance
  • Container images are scanned for compliance as soon as they are pushed to the registry
  • Scans can be initiated explicitly for existing images, or as part of integrated end-to-end CI/CD and/or PaaS workflows, such as with Red Hat OpenShift and VMware vSphere Integrated Containers
  • Scheduled and continuous checks for newly defined policies
  • Detailed enterprise-wide impact analysis of any newly defined policy on the containerized applications
  • Tight integration with OpenShift-like PaaS workflows prevents blacklisted (failed compliance) images from running in production or in any other critical environment

Package and license compliance policies, one-click attestation

Compliance check policies

Benefits

  • Eliminate the risk of using open source packages that have not been reviewed and approved
  • Easy to define and apply enterprise compliance policies to containerized applications
  • Complete and continuous visibility into and control over what goes in the container image
  • Seamless integration with an existing database of approved open source packages, both to define package whitelists automatically and to submit new requests for package approval
  • Dry run and impact analysis of newly defined policies
  • CISO dashboard for a bird's-eye view of container images, running containers and enterprise policy conformance
  • Downloadable reports for formal approvals and certifications
  • Zero impact to the existing CI/CD pipelines

Try Layered Insight for yourself today