DEV Community

Cover image for Docker Scout
Ibrahim S
Ibrahim S

Posted on

Docker Scout

Docker scout is the replacement of the legacy docker scan. Docker Scout analyzes image contents and generates a detailed report of packages and vulnerabilities that it detects. Docker Scout can also help provide you with suggestions for how you can remediate issues discovered by this analysis.

Docker images by analyzing their contents and generating a detailed report of any vulnerabilities detected during the process.

Image description

Docker Scout’s key features include inspecting for common vulnerabilities and exposures (CVE),providing security recommendations, and seamless integration with continuous integration, continuous delivery (CI/CD) workflows, helping you discover and remediate vulnerabilities during development.

Docker scout can be used with the two below integration methods

  1. Image analysis in the docker hub

  2. Artifactory Integration

Docker Scout*analyzes new tags automatically when you push to that repository. Advanced image analysis is more than point-in-time scanning*, the analysis gets reevaluated continuously, meaning you don’t need to re-scan the image to see an updated vulnerability report.

To automatically analyze images running in remote environments you need to deploy the Docker Scout Artifactory agent. The agent is a standalone service that analyzes images and uploads the result to Docker Scout.

Read more https://docs.docker.com/scout/quickstart/

Top comments (0)