Ubuntu maker wants app developers to stop worrying too much about security

News
By published

New Canonical portfolio will be exempt from Docker’s per-user rate limits

Lenovo Linux
(Image credit: Lenovo)

Buoyed by the recent Snyk security report that found security vulnerabilities in several container images except Ubuntu’s, the company behind it, Canonical, has published a whole portfolio of hardened images.

Unsurprisingly, Canonical has partnered with Docker to streamline the delivery of the secure portfolio of images through Docker Hub.

“Canonical and Docker will partner together to ensure that hardened free and commercial Ubuntu images will be available to all developer software supply chains for multi-cloud app development,” Docker's Matt Carter wrote in a blog post announcing the collaboration.

Long term security

The 2020 Snyk State of Open Source Security report discovered security vulnerabilities in several popular container images, while giving a clean chit to Canonical’s Ubuntu image. 

The company builds on this achievement and in a FAQ posted on its new repository, promises to fix any Common Vulnerabilities and Exposures (CVEs) within 24 hours of being reported.

Canonical’s LTS portfolio will include both free and commercial images and already lists about a dozen images for prominent open source software including Redis, Nginx, Grafana, Prometheus, and several others.

All of the hardened images in the repository will have a five-year free security maintenance period, same as the underlying Ubuntu LTS release they’re based on. Paying customers of Canonical’s Ubuntu Pro program will get an additional five years of support as part of the ten year Extended Security Maintenance contract.

Canonical’s announcement is the second major security-related initiative by Docker in as many months. Just last month application security company Snyk announced that they’ve started providing security scanning capabilities for images pushed to Docker Hub. 

Canonical hopes the two developments will help “drive a surge in Kubernetes adoption as companies embrace digital transformation while significantly reducing operating risk in the solution application life-cycle.”

TOPICS
Mayank Sharma
Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Latest in Security
ransomware avast
Ransomware attacks are costing Government offices a month of downtime on average
Lock on Laptop Screen
Data breach at Pennsylvania education union potentially exposes 500,000 victims
Data leak
Top collectibles site leaks personal data of nearly a million users
Spyware
Stalkerware data breach potentially hits over 2 million users, including thousands of Apple devices
An American flag flying outside the US Capitol building against a blue sky
Five Eyes "cannot replace US intel in Ukraine", claims former US Cyber Command Chief
Pirate skull cyber attack digital technology flag cyber on on computer CPU in background. Darknet and cybercrime banner cyberattack and espionage concept illustration.
Criminals are using a virtual hard disk image file to host and distribute dangerous malware
Latest in News
Citroen 2CV
The retro EV resurgence is in full swing, as Citroen confirms the iconic 2CV will return with batteries
Hugging Snap
This AI app claims it can see what I'm looking at – which it mostly can
Apple iPhone 16 Pro Max REVIEW
The latest batch of leaked iPhone 17 dummy units appear to show where glass meets metal on the new designs
Hornet swings their weapon in mid air
Hollow Knight: Silksong could potentially launch this year and I reckon it could be a great game for an Xbox handheld
ransomware avast
Ransomware attacks are costing Government offices a month of downtime on average
Cassian looking at someone off-camera from a TIE fighter cockpit in Andor season 2
Star Wars: Andor creator is taking a stance against AI by canceling plans to release its scripts, and I completely get why
More about security
ransomware avast

Ransomware attacks are costing Government offices a month of downtime on average
Data leak

Top collectibles site leaks personal data of nearly a million users
Mark S and Helly R standing by their desks bathed in blue light in Severance's season 2 finale

Severance season 2 episode 10 ending explained: what does Mark do, who dies, will there be a season 3, and more big questions answered
See more latest
Most Popular
Mark S and Helly R standing by their desks bathed in blue light in Severance's season 2 finale
Severance season 2 episode 10 ending explained: what does Mark do, who dies, will there be a season 3, and more big questions answered
YouTube Premium
Would you pay for better sound on YouTube? The video-sharing platform could soon let you control audio quality, but it'll cost you
Hugging Snap
This AI app claims it can see what I'm looking at – which it mostly can
Citroen 2CV
The retro EV resurgence is in full swing, as Citroen confirms the iconic 2CV will return with batteries
I Hate This Place artwork
Bloober Team is keeping busy as it announces its next survival horror game I Hate This Place and offers a new look at its upcoming title Cronos: The New Dawn
Equal1 Bell-1 quantum computer
This is the first quantum computer you can actually buy (and use, and power): Equal1's Bell-1 uses a standard power socket
Ryzen AI Max+ 395
Obscure Chinese PC vendor gets preferential AMD treatment as Lisa Su signs first desktop PC with Ryzen AI Max+ 395 ahead of May launch
Apple iPhone 16 Pro Max REVIEW
The latest batch of leaked iPhone 17 dummy units appear to show where glass meets metal on the new designs
SanDisk Slim Dual Drive
This is the first 2TB dual-port external SSD ever and it's not as expensive as you may think
Bimawen B15.6 TV Pro
A sign of things to come? This portable monitor comes with Google TV, a remote control and a very well hidden Android PC