We all know that security, the price of entry for applications that live within your company’s firewall, is crucial for data intelligent organizations. However, it can still pose numerous challenges and become a time consuming process.
Security teams within your organization may require container security scans for images that are included in Edge. These scans can result in a list of Common Vulnerabilities and Exposures or CVEs. These CVEs have scores associated to them called Common Vulnerability Scoring System scores or CVSS scores, that describe the severity of the CVE and help security teams prioritize and provide guidance on what the organization is comfortable tolerating for a period of time, and identify those that need attention and resolution.
The new Edge Smart Upgrade helps you and your team more easily go through security review and approval processes so you can spend less time on approvals and more time using your data to make informed business decisions. Below are our three new Edge features that will help improve enterprise security across your organization:
Private Docker Registries
Edge Smart Upgrade provides the ability for you to choose your upgrade strategy, adding in the functionality to manually update your Edge server. Taking this approach enables you to pull down images to your own private docker registry when a new release is available and perform container security scans against these images for vulnerability evaluation. The biggest benefit here is that the Edge product is easily incorporated into your organization’s existing Security policies and you have the ability to assess vulnerabilities with your SMEs before taking an update.
In cases where there is a request from your organization to have CVEs to reviewed, customers are able to share this information to Collibra Support and work with them on options for remediation.
Release specific Software Bill of Materials (SBOM)
Another way that Edge makes it easier for your organization’s security team to evaluate vulnerabilities is through a release specific SBOM that is used as an input to existing security scanning tools. The SBOM provides a list of images and versions that come with a release so you can evaluate the images ahead of taking the newest patch for Edge.
The Upgrade Now button
Let’s say your security organization has reviewed a release and blessed it for consumption, you can upgrade existing Edge sites to the targeted version by simply clicking a button in Edge Management within the Site details page. Edge displays the status of the upgrade process as well as event logs in real time so you can monitor the health and progress of an upgrade.
Customers creating new Edge sites also have the opportunity to control the upgrade mode of a new Edge site during site creation.
Whether you are currently a Jobserver user moving to Edge, or an existing Edge user, you can take advantage of these three new features to improve your enterprise security. These new features make it easier and more efficient for your team to ensure security across the organization.