Patent attributes
The present disclosure relates to related methods, systems, and media containing instructions for detecting security risks related to a software component deployable in a container-based runtime environment. The method comprises receiving a trigger, the trigger indicating that a layer of a container within the container-based runtime environment is to be checked for security risks. A check layer of the container is identified that is to be checked for security risks. A determination is made that a check for security risks has not been previously performed for the check layer according to a check criterion, and responsive to this determination, a determination is made that a security analysis indicates a security risk. Responsive to this determination, a remedial action may be initiated.
