Ubuntu maker wants app developers to stop worrying too much about security

Buoyed by the recent Snyk security report that found security vulnerabilities in several container images except Ubuntu's, the company behind it, Canonical, has published a whole portfolio of hardened images.

Unsurprisingly, Canonical has partnered with Docker to streamline the delivery of the secure portfolio of images through Docker Hub.

"Canonical and Docker will partner together to ensure that hardened free and commercial Ubuntu images will be available to all developer software supply chains for multi-cloud app development,” Docker's Matt Carter wrote in a blog post announcing the collaboration.

Long term security

The 2020 Snyk State of Open Source Security report discovered security vulnerabilities in several popular container images, while giving a clean chit to Canonical's Ubuntu image.

The company builds on this achievement and in a FAQ posted on its new repository, promises to fix any Common Vulnerabilities and Exposures (CVEs) within 24 hours of being reported.

Canonical's LTS portfolio will include both free and commercial images and already lists about a dozen images for prominent open source software including Redis, Nginx, Grafana, Prometheus, and several others.

All of the hardened images in the repository will have a five-year free security maintenance period, same as the underlying Ubuntu LTS release they're based on. Paying customers of Canonical's Ubuntu Pro program will get an additional five years of support as part of the ten year Extended Security Maintenance contract.

Canonical's announcement is the second major security-related initiative by Docker in as many months. Just last month application security company Snyk announced that they've started providing security scanning capabilities for images pushed to Docker Hub.

Canonical hopes the two developments will help "drive a surge in Kubernetes adoption as companies embrace digital transformation while significantly reducing operating risk in the solution application life-cycle.”

How It works

Search Crack for

Latest IT News

Jan 15
Keyble features fingerprint authentication allowing users to make contactless payments and access digital services.
Jan 15
The Microsoft Teams recap feature will allow users to access important information from a meeting following its conclusion.
Jan 15
IBM has acquired managed service provider Taos in a deal expected to close in the first quarter of 2021.
Jan 15
The social network argues the extensions acted as spyware.
Jan 14
TeamViewer's new integration allows users to make video calls directly from the company's remote desktop software.
Jan 14
From casual microblogging to the fully-featured professional blog.
Jan 14
Putting together an online portfolio of your work doesn't have to be difficult or expensive.

Latest cracks