The application security company is working to make containers more secure with the release of Mend for Containers, which scans container images and registries.

According to the company, the new solution will enable DevSecOps teams to discover threats before they make it to production. It also can scan containers that are already in production.

Other capabilities include discovery of license issues, detection of exposed secrets, and protection against vulnerabilities that have already been introduced. 

It also provides an EPSS score, which enables companies to more effectively prioritize what vulnerabilities to deal with. 

“Effective risk reduction approaches for cloud-native applications include taking a holistic approach to the SDLC — finding and remediating risks as they are introduced, from coding with secure practices to evaluating risks with runtime scanning post-deployment,” said Jeff Martin, vice president of product at “Mend for Containers brings’s leading detection and prioritization capabilities to container security, allowing developer teams to ensure quality and security every step of the way.”

The company will be showing a demo of the new solution at its booth (#2851) at the Black Hat security conference this week.