Opticca Security Container Security (CS) is a solution designed to secure containerized workloads across the full software development lifecycle (SDLC), from development through to production. The product addresses vulnerability management by integrating with the CI process, container registries, and production environments to identify and prioritize vulnerabilities and risk across hosts, containers, and images. Compliance enforcement is built into CI/CD pipelines, allowing users to set thresholds that alert or block code during build or deployment, as well as in production environments. Registry security is provided to prevent intrusions or vulnerabilities within the container registry from being used to compromise running applications. Runtime protection is offered to secure running containers, with layer 3 and layer 7 cloud-native firewalls and runtime defense mechanisms. Access control uses a least-privileged model, where Docker and Kubernetes activity is explicitly whitelisted based on user roles. Host OS protection includes vulnerability scanning, hardening based on CIS Benchmarks, and controls against improper access (Docker, SSH, and sudo commands) and file tampering. Static Application Security Testing (SAST) is integrated to enable frequent code analysis, targeting both client-side and server-side vulnerabilities.