Docker Scout

• Provides image analysis to scan security vulnerabilities
• Generates actionable insights over app security
• Shift left the identification of securities flaws (early in the software development lifecycle)
• Free for Docker-Sponsored Open Source (DSOS) projects https://www.docker.com/blog/docker-scout-software-supply-chain-solution-for-open-source-projects/
• A dashboard can be generated for pushed images (docker hub or any other registry integrated) and it's visible on https://scout.docker.com/reports/org/hvitoi/overview

Steps

1. Analyze
2. Remediate
3. Evaluate

Products

• Scout: security scan
• BuildCloud: remote image build