Security News > 2020 > June > New version of CloudBees CI solution meets stringent US DoD standards
The new release of CloudBees CI is available immediately and enables DoD and civilian agencies of the U.S. federal government, as well as enterprises in private industry, to drive more value through their software delivery pipelines while lowering security risk.
Platform One provides platforms that are already accredited and can only use containerized software with an approved CtF. "With the CtF, CloudBees CI can be readily used by DoD agencies, as well as civilian agencies and federal system integrators," said Michael Wright, director, federal sector, at CloudBees.
CloudBees CI provides a hardened Docker container image which is placed in the Department of Defense Centralized Artifact Repository, the storage repository maintained by the DoD. Teams from any DoD or civilian agency can access and simply pull the hardened Docker container image out of DCAR. The solution has been engineered to minimize the use of any libraries or components that have known security vulnerabilities.
If a team uses a library to execute http communication between a CloudBees CI master and agent, the functionality within CloudBees CI ensures secure ports and protocols are used at both ends.
The new hardened version of CloudBees CI can not only help agencies transform to secure DevSecOps processes - but also enterprises operating in highly regulated industries or those simply wanting heightened security capabilities.