Continuous Security Assessment for the Docker Ecosystem

Cavirin is taking a leadership role securing the container lifecycle, including OS hardening of containers as well as registry and Docker Hub image scanning.

Docker Security

Securing the Container Lifecycle from the Beginning

Scanning the container images for security is critical before they hit production, since container based applications are often built by composing with other images downloaded from registries, some even untrusted, that can potentially have serious vulnerabilities. We have automated container security to the level of easy integration into application development process and CI/CD pipeline.

If they are implementing containers either on-premise or as part of a cloud deployment, you need to ensure that their workloads are secure.  And, if you bring in images from a registry, you need to ensure that these are not corrupted.  We support both of these scenarios, de-risking their deployments.


Cavirin's automated image scanning looks at and assess all things within the actual Docker image, including security baselines and whether the system is patched, and can play an important role in the CI/CD pipeline.  This is critical, since about a third of all container images found in public or even private registries have vulnerabilities.


OS hardening of the full containerized infrastructure stack removes security holes and unnecessary/corrupt images to provide unsurpassed security in addition to improving container performance.


Cavirin was a key contributor of the CIS Docker 1.13 Benchmark and has embedded the core security guidelines into their platform along with other security and industry compliance frameworks (e.g HIPAA, PCI, SOC2 and NIST).


Are containers secure? Join us on May 25th as we share with you the CISO's best practices across their lifecycle, including image scanning within CI/CD process, container OS hardening, and orchestration security with Kubernetes. Guest speaker is Izak Mutlu, former CISO at Salesforce.

Featuring Izak Mutlu, former CISO at Salesforce.

Featuring Izak Mutlu, former CISO at Salesforce.
Cavirin Blog
  • Cavirin Announces Continuous Security Assessment for Docker (Cavirin Blog)
  • DockerCon 2017 Q&A: Cavirin Will Demostrate Leadership Role of Securing the Container Lifecycle (
  • CIS Docker 1.13 Benchmark is Now Available (Cavirin Blog)
  • Docker Container Security And STRIDE (Cavirin Blog)
  • Docker Security a Product Manager's View (Cavirin Blog)

Meet Pravin Goyle, Director of Information Security and Compliance Engineering at Cavirin

Pravin is a cybersecurity expert and has contributed to various CIS security benchmarks. He has authored CIS Docker Benchmark (all versions, including Docker 1.13 benchmark) and CIS Quick Cloud Start Benchmark. He is currently setting up a CIS community around Google Cloud Platform.

Check out his video, CIS Benchmarking 101

Developed specifically for enterprise cloud and container environments

Google Cloud Platform
Microsoft Azure

See it to believe it - Free Test Drive

Cavirin provides security management across physical, public, and hybrid clouds, supporting AWS, Microsoft Azure, Google Cloud Platform, VMware, KVM, and Docker.



5201 Great America Pkwy Suite 419  Santa Clara, CA 95054

- 1-408-200-3544

Cavirin US Location