How JW Player Secured 300 Repos in an Hour with Docker Scout

In a world where technology continually advances, the demand for reliable, scalable, and up-to-date development environments remains constant. To meet this demand, organizations must invest in tools that offer flexibility, adaptability, and a team capable of maintaining these environments. 

For companies like JW Player, whose core business revolves around streaming, content, and infrastructure, security must be a priority without slowing down delivery or affecting operations. In this article, we’ll share how JW Player uses Docker to help meet such challenges, including how JW Player enabled more than 300 repositories for Docker Scout within just one hour. 

JW Player: Streaming excellence

As a global leader in video streaming, JW Player has long been at the forefront of technological innovation. With a mission to empower their customers through monetization, engagement, and seamless video delivery, JW Player’s services have facilitated the streaming of more than 860 billion videos and counting. However, this remarkable achievement comes with its own set of complex technical challenges.

Operating at this scale, JW Player relies on a multitude of technologies, thousands of nodes, and an extensive fleet of multiple Kubernetes clusters. Docker, a fundamental pillar of JW Player’s workflow, plays an indispensable role in the organization’s daily operations. By leveraging their dev teams’ existing adoption of Docker, JW Player enabled more than 300 repositories for Docker Scout within just one hour. 

 JW Player shared their impressive technical accomplishments at DockerCon 2023:

860B+ streamed videos

8.5k containers

300+ repositories enabled for Docker Scout in 1 hour

“In fact, it was so easy, we didn’t have to wait weeks or months for development teams to go update their development pipeline. We were able to get more than 300 repositories running on our first day using the product in under an hour,” says Stewart Powell, Engineering Manager at JW Player.

The Docker difference

Earlier this year, JW Player set out with a clear objective: to implement a comprehensive image vulnerability management program while preserving their core engineering values. Central to this vision was the empowerment of development teams, allowing them to retain full ownership of their build and release pipelines. This seemingly ambitious goal posed a challenge of integrating software supply chains into various build and release pipelines without overburdening the DevOps team.

With Docker Scout, the solution was surprisingly straightforward. By ticking a few boxes in Docker Hub, JW Player provided its developers with a comprehensive software supply chain and image vulnerability management program without adding extra workload to their team. In fact, they achieved this without waiting for weeks or months for development teams to update their pipelines; more than 300 repositories were up and running within an hour.

“With Docker Scout, we were able to go into Docker Hub, check a box, and with virtually no effort from my team whatsoever, were able to provide developers with a comprehensive software supply chain and image vulnerability management program with no effort,” Powell says.

JW Player recognizes the importance of offering their entire engineering organization a unified overview of their security posture. This transparency and accountability is essential for any successful security program. Docker Scout excels in providing a central portal for developers to see all the critical information needed to make decisions about the entire software supply chain. Developers receive near real-time feedback on container health and security, while also giving the security team tools to prioritize and remediate areas as needed.

Try Docker Scout

As JW Player’s journey shows, Docker Scout empowers organizations to streamline their development processes, enhance security, and maintain innovation at scale. At an even higher level, Docker Scout makes it even easier for developers to build quality, resilient, and trustworthy solutions. 

Try Docker Scout today.

Learn more

Looking to get up and running? Use our Quickstart guide.

Watch the JW Player presentation during the keynote at DockerCon.

Watch What’s in My Container? Docker Scout CLI and CI to the Rescue (DockerCon 2023).

Watch Docker Scout: Securing The Complete Software Supply Chain (DockerCon 2023).

Vote on what’s next! Check out the Docker Scout public roadmap.

Have questions? The Docker community is here to help.

New to Docker? Get started.

Quelle: https://blog.docker.com/feed/

Published by