Docker Image Security Scans
Aptible proactively scans your Docker images for vulnerable system packages of any addressable vulnerabilities images using Clair.
What is scanned?
Docker image security scans look for vulnerable OS packages installed in your Docker images on supported Linux distributions:
- Debian / Ubuntu: security scans scan for packages installed using
- CentOS / Red Hat: security scans scan for packages installed using
rpmor its frontends
- Alpine Linux: security scans scan for packages installed using
Docker image security scans do not scan for:
- packages installed from source (e.g., using
make && make install).
- packages installed by language-level package managers, such as
composeretc. (third-party vulnerability analysis providers support those, and you can incorporate them using a CI process, for example).
Accessing security scans
Access Docker image security scans in the Aptible Dashboard by navigating to the respective app and selecting "Security Scan."