Vulnerability Scanning with Docker Scout
Learn about Docker Scout, a tool that detects vulnerabilities in Docker images, offering insights and remediation steps.
We'll cover the following
Docker Scout
Lots of tools and plugins exist that scan images for known vulnerabilities. We’ll look at Docker Scout, as it’s built into almost every level of Docker, including the CLI, Docker Desktop, Docker Hub, and the scout.docker.com
portal. It’s a very slick service, but it requires a paid subscription. Other similar products and services exist, but most require paid subscriptions.
Recent versions of Docker Desktop have the Scout CLI plugin pre-installed and ready to go. If you’re running a different version of Docker, you may be able to install the CLI plugin from the GitHub repo. You can use the docker scout quickview
command to get a quick vulnerability overview of an image. The following command analyses the nigelpoulton/tu-demo:latest
image. If a local copy doesn’t exist, it pulls it from Docker Hub and performs the analysis locally.
Note: We’ve not provided a playground in this lesson as this command requires a paid subscription.
Get hands-on with 1200+ tech skills courses.