
Image Scanning in D02

Open drwetter opened this issue 6 years ago • 2 comments

Hi *,

I could use some help wrt image scanning for known vulnerabilities, see D02 --> How can I find out? --> Automatic.

Preferably short and "crispy"

Cheers, Dirk

drwetter, Sep 30 '19 06:09

https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html Rule #9 lists the most popular image vulnerability scanners

ssyms, Jan 06 '20 18:01

Thanks.

I was aiming not for a tool listing; this I can do myself (and there are better listings btw.). What would be useful is a "good" selection of the plethora out there, a short description of what exactly it scans/what to expect from it and how to use it (CI/CD chain, cmdline, ...).

drwetter, Jan 06 '20 18:01