How to Run a Container Scan: A Step-by-Step Guide

Introduction

Container scanners for Docker images analyze the contents of container images, including operating system packages, libraries, and dependencies, to identify potential security issues such as outdated software versions, misconfigurations, or known vulnerabilities. 

This guide details how to initiate and complete an CONTAINER scan of docker image on the platform.

Prerequisites:

1. You should be signed in with CloudDefense.ai. If not, please refer to our guide on creating a CloudDefense.ai account.

2. To integrate Docker Hub, users must have the following requirements available.

• Docker Hub account 

• Private images in Docker Hub

Step 1: Navigation to CONTAINER scanner 

• Click on  “Applications” on Navbar

• Click the green “SCAN” button on the left side of the page, and choose “Other” to proceed.

• After clicking on “Other” select  “Docker Hub” 

To scan public Docker Images

Step 1. Click on “Public Images” inside “applications -> scan -> other -> Docker Hub”

Step 2: input image name and enter “RUN SCAN” button 

To scan private Docker Images

Step 1: Create Access Token in Docker Hub.

Go to ‘Account settings’ -> ‘Security’ -> ‘New Access Token’. Fill “Access Token Description” and choose Read-Only access permission in “Access Permission” :

Click on ‘Generate’ and copy your Docker Hub ID and Access Token:

Step 2: Add Docker Hub integration in CloudDefense.

Go to ‘Integrations’ -> ‘Container Coverage’ -> ‘Docker Hub’. Paste your Docker Hub ID and Access token and click ‘Configure’:

Step 3: Scan your private images.

After successful configuration you can scan your own images.

Go to the ‘Integrations’ -> ‘Container Coverage’ -> ‘Docker Hub’ or ‘Applications’ -> ‘Scan’ -> ‘Other’ -> ‘Docker Hub’ -> ‘Your own images’ and choose the image (images) you want to scan:

To understand container scan results, please visits this page  :  Container results