Container & Artifact Security
Container & Artifact Security secures the software components — container images, binaries, packages, libraries, and build outputs — that are built, stored, and deployed across the delivery pipeline. In modern DevOps environments, these components form the backbone of the software supply chain. Any vulnerability, misconfiguration, or malicious code embedded here can propagate across every environment the artifact is deployed to — at scale and without warning.
Unlike traditional application models, containerized workloads are built once and deployed many times. A vulnerability in a base image or a compromised dependency can replicate silently across development, staging, and production — making it critical to validate every component at the source, before it ever enters the pipeline.
Container & Artifact Security in OpsMx acts as the build-time and supply chain control point — ensuring that what gets deployed is not only functional but secure, trusted, and compliant.
Why Container & Artifact Security Is Used in OpsMx
OpsMx uses Container & Artifact Security in Delivery Shield to:
Validate every image and artifact before deployment — blocking vulnerable or untrusted components from advancing through the pipeline
Protect the software supply chain — detecting compromised dependencies, tampered artifacts, and hidden malicious code
Generate SBOMs for every artifact — providing complete component transparency in CycloneDX and SPDX formats
Enforce deployment gates — Trivy and Grype scan results feed directly into the Deployment Firewall for automated block/allow decisions
Continuously monitor deployed images — not just at build time, but in running environments as new CVEs are published.
Last updated