Yes. Even images built internally are often based on external base images and can contain complete packages from open-source repositories. Given recent incidents of repository poisoning and weak governance of open-source projects, organizations must take charge of ensuring the security of components used in internally built images.
Do I need DTA if my organization is using only internally built images? Print
Created by: Amit Bismut
Modified on: Wed, 15 Apr, 2020 at 11:55 AM
Did you find it helpful?Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.