Trend Micro Artifact Scanner can be integrated into your continuous integration (CI)
or continuous delivery (CD) pipeline.
For example, Jenkins projects can automatically build, test, and push Docker images
to a Docker registry. Once pushed, the image may be instantly available to run in
an orchestration environment. If open source vulnerabilities exist in the image, then
they are a risk when the image is run. Since images are intended to be immutable,
images should be scanned before they're deployed to a cluster.
Trend Micro Artifact Scanner scans artifacts inside your CI/CD pipelines. You can install the Trend Micro
Artifact Scanner CLI into your CI/CD pipeline to perform vulnerability scanning
before artifacts are deployed to production. Trend Micro Artifact Scanner takes the
artifact that you wish to be scanned and generates a Software Bill of Materials
(SBOM). It then uploads the SBOM to Trend Vision One for processing and returns a vulnerability report.
Examples of artifacts that Trend Micro Artifact Scanner can scan include:
- Container Images
- Binary Files
- Directories with source code
- OCI Archives
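
The scan-before-deploy step described above only protects the cluster if the pipeline acts on the returned vulnerability report. The following gate is an added example, not Trend Micro code: the JSON layout (a `findings` list with `id`, `package` and `severity` fields), the severity labels and the sample data are assumptions made for illustration, so map them to the report your scanner version actually emits.

```python
import json
import sys

# Assumed severity labels and ordering; not taken from the product's report format.
SEVERITY_RANK = {"negligible": 0, "low": 1, "medium": 2, "high": 3, "critical": 4}


def blocking_findings(report, threshold="high"):
    """Return the findings at or above `threshold`.

    Raises ValueError when the report has no findings list, so a truncated
    or failed scan cannot be mistaken for a clean one.
    """
    findings = report.get("findings")
    if not isinstance(findings, list):
        raise ValueError("report has no 'findings' list")
    limit = SEVERITY_RANK[threshold.lower()]
    blocked = []
    for finding in findings:
        rank = SEVERITY_RANK.get(str(finding.get("severity", "")).lower())
        # A missing or unrecognised severity blocks too (fail closed).
        if rank is None or rank >= limit:
            blocked.append(finding)
    return blocked


def gate(report_text, threshold="high"):
    """Return a process exit code: 0 lets the deploy stage run, 1 blocks it."""
    try:
        blocked = blocking_findings(json.loads(report_text), threshold)
    except (ValueError, AttributeError, KeyError) as exc:
        print(f"gate: cannot evaluate report ({exc!r}); blocking", file=sys.stderr)
        return 1
    for f in blocked:
        print(f"gate: {f.get('id')} in {f.get('package')} "
              f"severity={f.get('severity')}", file=sys.stderr)
    return 1 if blocked else 0


# Constructed sample report: placeholder IDs, hypothetical schema.
SAMPLE_REPORT = json.dumps({"findings": [
    {"id": "EXAMPLE-0001", "package": "libexample", "severity": "Low"},
    {"id": "EXAMPLE-0002", "package": "examplelib", "severity": "Critical"},
]})

if __name__ == "__main__":
    # Reads the report from stdin; optional first argument is the threshold.
    sys.exit(gate(sys.stdin.read(), sys.argv[1] if len(sys.argv) > 1 else "high"))
```

Run it as the step between the scan and the registry push or deploy, so a non-zero exit stops the job before the image becomes available to the orchestrator.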