Docker Image Security Scans

Aptible proactively scans your Docker images for vulnerable system packages of any addressable vulnerabilities images using Clair.

What is scanned?

Docker image security scans look for vulnerable OS packages installed in your Docker images on supported Linux distributions:

Debian / Ubuntu: security scans scan for packages installed using dpkg or its apt-get frontend.
CentOS / Red Hat: security scans scan for packages installed using rpm or its frontends yum and dnf.
Alpine Linux: security scans scan for packages installed using apk.

Docker image security scans do not scan for:

packages installed from source (e.g., using make && make install).
packages installed by language-level package managers, such as bundler, npm, pip, yarn, composer etc. (third-party vulnerability analysis providers support those, and you can incorporate them using a CI process, for example).

Access Docker image security scans in the Aptible Dashboard by navigating to the respective app and selecting "Security Scan."

Accessing Security Scans in the Aptible Dashboard