
Use Artifact Registry and Container Scanning to shift left on security and streamline your deployments

October 4, 2022
Greg Mucci

Product Manager, Developer Experience

3 ways Artifact Registry & Container Analysis can help optimize and protect container workloads

Cybercrime costs companies 6 trillion dollars annually, with ransomware damage accounting for $20B alone [1]. A major source of attack vectors is vulnerabilities present in your open source software, and vulnerabilities are more common in popular projects. In 2021, the top 10% of most popular OSS project versions were 29% more likely on average to contain known vulnerabilities. Conversely, the remaining 90% of project versions were only 6.5% likely to contain known vulnerabilities [2]. Google understands the challenges of working with open source software. We've been doing it for decades and are making some of our best practices available to customers through our solutions on Google Cloud. Below are three simple ways to get started and leverage our artifact management platform.

  1. Using Google Cloud’s native registry solution: Artifact Registry is the next generation of Container Registry and a great option for securing and optimizing storage of your images. It provides centralized management and lets you store a diverse set of artifacts with seamless integration with Google Cloud runtimes and DevOps solutions, letting you build and deploy your applications with ease. 

  2. Shift left to discover critical vulnerabilities sooner: By enabling automatic scanning of containers in Artifact Registry, you get vulnerability detection early on in the development process. Once enabled, any image pushed to the registry is scanned automatically for a growing number of operating system and language package vulnerabilities. Continuous analysis updates vulnerability information for the image as long as it's in active use. This simple step allows you to shift security left and detect critical vulnerabilities in your running applications before they become more broadly available to malicious actors. 

  3. Deployments made easy and optimized for GKE: With regionalized repositories, your images are well positioned for quick and easy deployment to Google Cloud runtimes. You can further reduce the start-up latency of your applications running on GKE with image streaming.

Our native Artifact Management solutions have tight integration with other Google Cloud services like IAM and Binary Authorization. Using Artifact Registry with automatic scanning is a key step towards improving the security posture of your software development life cycle.

End to end software supply chain

Leverage these Google Cloud solutions to optimize your container workloads and help your organization shift security left. Learn more about Artifact Registry and enabling automated scanning.

These features are available now.

1. Cyberwarfare In The C-Suite 
2. State of the software supply chain 2021
