Mirantis Secure Registry
Secure Software Supply Chain
Mirantis Secure Registry (formerly Docker Trusted Registry) provides an enterprise grade container registry solution that can be easily integrated to provide the core of an effective secure software supply chain.
Image scanning & signing
Secure software supply chain
Secure Containers Everywhere
Security is often an afterthought during application development and lifecycle management. Images can contain vulnerabilities, putting your cloud native environments at risk. With Mirantis Secure Registry — part of Mirantis Container Cloud — you can securely store, share and manage images in your own private container registry to automate the security of your software supply chain. Trust the provenance and content of your applications and ensure a secure separation of concerns with Mirantis Secure Registry. Our comprehensive, built-in security enables you to verify and trust the automated operations and integration with CI/CD to speed up application testing and delivery.
Automated Security for Cloud Native Environments
Secure artifacts with policies and role-based access control to ensure your container images are scanned and free from vulnerabilities.
Seamlessly Share Any Application, Anywhere
Improve DevOps collaboration while maintaining clear boundaries. Create and push multi-service applications and images and make them accessible within your company.
Promote and Distribute Your Images to Where You Need Them
Automatically promote images from testing to production in a controlled way, ensuring that they meet the security minimums that you define, then mirror containerized content to distributed teams with policy-based controls.
Automate Your Development-to-Production Pipeline
Integrate Mirantis Secure Registry to your development pipeline with webhooks. Policy-based promotion automates compliance checks to secure your application supply chain.
Key Features & Capabilities
Integrate with internal user directories to implement fine-grained access policies in Mirantis Secure Registry. Multiple repositories can be linked to provide a separation of duties from development through production.
Get unprecedented insight into the software and libraries your organization is using and your exposure to known security threats. With this optional feature of Mirantis Container Cloud, images are scanned at the binary level, then correlated with a regularly updated CVE vulnerability database.
Mirantis Secure Registry uses Notary’s implementation of the TUF spec (the same technology that’s behind Docker Content Trust) to digitally sign and verify both the contents and publisher of images. Developers and CI tools can apply signatures so downstream users and automation tools can verify image authenticity before running.
Caching and mirroring
Distributed teams and production environments require images to be available in multiple sites. Container image repositories can be mirrored and cached, putting images right where they are needed and avoiding network bottlenecks.
Container images may be lightweight, but that does not mean you want to store every image your team or CI tool creates forever. Automatically clean up images based on policy controls such as the date of the last update or the number of recent images you want to keep.
Policy-based image promotion
Streamline your development and delivery pipeline and enforce security controls with promotion policies that automatically gate images, ensuring only approved content makes its way to production.