Fairwinds Launches Open Source Tool for Base Image Detection
Fix Container Vulnerabilities Faster With Targeted Base Image Upgrade Recommendations
BOSTON, June 13, 2023 (Newswire.com) - Fairwinds, the leading provider of software for Kubernetes platform engineers to standardize and enable development best practices, today announced its latest open source utility, Base Image Finder, to identify base images and remediate faster when known CVEs are announced.
The base image is the starting point for most container-based development workflows and is the layer the rest of the container image is built upon. While any image layer can have vulnerabilities, many originate from the base image. This requires developers to figure out which base image is being used and what newer versions exist. Open source scanning tools are great at reporting unique vulnerabilities, but don't tie those findings back to specific image layers — which makes fixing time intensive and expensive. Base Image Finder scans containerized images, detects the base image currently in use, and recommends newer, less vulnerable versions to use. This gives developers a "singular" remediation action to take — significantly reducing cognitive load and improving security.
Andy Suderman, CTO at Fairwinds, said, "When vulnerabilities are announced, one of the hardest parts of remediation is understanding where the vulnerability was introduced, especially in a containerized environment. Base Image Finder identifies base images in your containers and offers upgrade recommendations to speed up the vulnerability remediation process. By more quickly identifying your base images, you can upgrade faster and resolve a bulk of vulnerabilities with less context switching."
Fairwinds is committed to the cloud native open source community. With more than 10 open source projects, including Polaris, Goldilocks, Pluto and Nova, Fairwinds looks to make Kubernetes users more successful in managing secure, reliable and cost-efficient workloads. Users looking to apply Fairwinds open source across multiple clusters and users at scale can use Fairwinds Insights to standardize and enable development best practices.
To get started with the base image finder, request an API token via a command line interface. Read the blog for more information.
Resources
About Fairwinds
Fairwinds builds software for Kubernetes platform engineers to standardize and enable development best practices. With Fairwinds, platform teams decrease friction, increase dev velocity and improve the dev experience to accelerate time to market and revenue generation. Customers ship cloud native applications faster, more cost-effectively and with less risk. The company is headquartered in Boston, Massachusetts, and provides a fully remote and distributed work environment. For more information, visit www.fairwinds.com, read our blog or follow @FairwindsOps on Twitter.
Source: Fairwinds