| ▲ | shepherdjerred 5 days ago | |
Of course? They are only concerned with the base image. What you do with it is your responsibility This would be like expecting AWS to protect your EC2 instance from a postinstall script | ||
| ▲ | acdha 5 days ago | parent [-] | |
The difference is that they’re charging extra for it, so people want to see benefits they could take to their management to justify the extra cost. The NPM stuff has a lot of people’s attention right now so it’s natural to ask whether something would have blocked what your CISO is probably asking about since you have an unlimited number of possible security purchase options. One of the Docker employees mentioned one relevant feature: https://socket.dev/blog/socket-firewall-now-available-in-doc... Update the analogy to “like EC2 but we handle the base OS patching and container runtime” and you have Fargate. | ||