SOOS Containers is a cloud-based container security platform designed to analyze, monitor, and govern container images throughout the software development lifecycle. The platform inspects container images to identify all included software, libraries, and packages, then builds a full dependency tree to map introduction paths. SOOS matches all identified components to known vulnerabilities and licenses, enabling automated detection of security and compliance risks. Governance policies can be enforced to flag policy violations, and issues are automatically created for vulnerabilities, unknown packages, and compliance breaches. Reports for each analyzed container image are accessible via dashboards tailored for developers, legal, security, and compliance teams. The solution integrates with CI/CD pipelines and supports large-scale, continuous monitoring of container environments, streamlining risk management and compliance for organizations using containerized applications.

Key Features

Container Image Analysis Inspects container images to identify all software, libraries, and packages.

• Detects outdated or vulnerable components.
• Provides a detailed inventory of image contents.

Dependency Tree Creation Builds a comprehensive dependency tree for each container image.

• Maps direct and transitive dependencies.
• Tracks introduction paths for each component.

Vulnerability and License Matching Matches all packages to known vulnerabilities and licenses.

• Flags vulnerabilities and license conflicts.
• Supports license management via governance engine.

Governance Policy Enforcement Runs governance policies against identified packages and licenses.

• Flags policy violations and unknown packages.
• Supports customizable governance rules.

Automated Issue Creation and Reporting Creates issues for vulnerabilities, policy breaches, and unknown components.

• Generates detailed reports for each container image.
• Dashboards for developer, legal, security, and compliance teams.

CI/CD Integration Integrates with build pipelines for automated, continuous scanning.

• Enables security and compliance checks as part of DevOps workflows.
• Supports seamless integration with development tools and registries.

Benefits

Comprehensive Container Security Provides deep visibility and automated risk detection for container images.

• Reduces the risk of deploying vulnerable or non-compliant containers.
• Enhances security posture across containerized environments.

Streamlined Compliance and Governance Automates license and policy checks for all container images.

• Simplifies compliance reporting and audit preparation.
• Supports regulatory and organizational requirements.

Scalable and Automated Operations Handles large volumes of container images with automated analysis and reporting.

• Suitable for organizations with complex, containerized infrastructures.
• Enables continuous monitoring and rapid response to new risks.