anchore1d ago
We just updated our guide on integrating Anchore into your Azure DevOps pipelines! Learn how to use anchorectl for distributed analysis (local SBOM generation) or centralized analysis via a staging registry. Secure your software supply chain without slowing down your devs.
Read more: https://anchore.com/blog/anchore-azure-devops/
#DevSecOps #AzureDevOps #ContainerSecurity #SBOM
Integrating Anchore Security Scanning into Your Azure DevOps Pipeline | Anchore

With a few lines of yaml, add security to your Azure DevOps pipeline to keep non-compliant containers from reaching production environments.

Anchore
anchore3d ago

@josh.bressers.name scanned 161 MCP containers. Found 9,000 vulnerabilities. 263 were critical.

"Software ages like milk, not wine." His analysis breaks down what's actually being deployed in the MCP ecosystem—and what to do about it.

https://anchore.com/blog/analyzing-the-top-mcp-docker-containers/

#MCP #ContainerSecurity

jpmellojr5d ago
OWASP just adopted DockSec to cut through container security noise and sharpen DevSecOps signal. See how this AI-powered analyzer helps teams ship safer software: https://jpmellojr.blogspot.com/2026/03/owasp-adopts-docksec-what-it-is-and-why.html #OWASP #DockSec #DevSecOps #ContainerSecurity #AppSec
OWASP adopts DockSec: What it is — and why it matters

Security teams are plagued by information overload — the firehose of data pumped out by their security tools. Now, some relief is in sight...

anchoreMar 8

MCP is having a moment. @josh.bressers.name wanted to know: what are we actually shipping?

9,000 vulns
263 critical findings
36K+ NPM packages
Outdated base images

Not fear-mongering—just data-driven reality. Read his analysis: https://anchore.com/blog/analyzing-the-top-mcp-docker-containers/

#MCP #ContainerSecurity

HackerNoonMar 2
Docker Scout adds context to container scanning by showing what matters, what to fix first, and how to reduce risk safely beyond raw CVE lists. https://hackernoon.com/docker-scout-vs-traditional-container-scanners-why-context-beats-cve-noise #containersecurity
Docker Scout vs Traditional Container Scanners: Why Context Beats CVE Noise | HackerNoon

Docker Scout adds context to container scanning by showing what matters, what to fix first, and how to reduce risk safely beyond raw CVE lists.

anchoreFeb 28

Your MCP server might be the weakest link—here's the data. @josh.bressers.name scanned 161 MCP images and found 9,000 vulns / 263 criticals. Read the breakdown and fixes: https://anchore.com/blog/analyzing-the-top-mcp-docker-containers/

#MCP #SoftwareSupplyChain #ContainerSecurity #DevSecOps

anchoreFeb 21

@josh.bressers.name scanned 161 MCP containers. Found 9,000 vulnerabilities. 263 were critical.

"Software ages like milk, not wine." His analysis breaks down what's actually being deployed in the MCP ecosystem—and what to do about it.

https://anchore.com/blog/analyzing-the-top-mcp-docker-containers/

#MCP #ContainerSecurity

anchoreFeb 14

MCP is having a moment. @josh.bressers.name wanted to know: what are we actually shipping?

9,000 vulns
263 critical findings
36K+ NPM packages
Outdated base images

Not fear-mongering—just data-driven reality. Read his analysis: https://anchore.com/blog/analyzing-the-top-mcp-docker-containers/

#MCP #ContainerSecurity

Endor LabsFeb 11

Today we're announcing Container Reachability, delivering full-stack reachability across application and base layers.

The results?
90% reduction in container vulnerability false positives
Evidence-based prioritization of vulnerabilities
A unified platform for SCA,SAST, and container scanning

www.endorlabs.com/learn/introducing-full-stack-reachability-container-scanning-that-actually-reduces-noise

#ContainerSecurity #DevSecOps #FedRAMP

ActiveStateFeb 5

Hardened Images: 28. Unmanaged Risk: 0. The scoreboard says it all.

Don’t let a vulnerability fumble your production. Power your infrastructure with a championship-ready foundation with ActiveState’s Secure Containers.

Find your winning lineup and browse our catalog: https://catalog.activestate.com/?utm_source=mastodon&utm_medium=organic_social&utm_campaign=fy26_q1_secure_container_image_catalog

#DevSecOps #ContainerSecurity #ActiveState