Docker recently added “docker scan” capabilities to the Docker CLI on Linux.
In the announcement blog post, Marina Kvitnitsky says “the experience of scanning on Linux is identical to what we have already launched for Desktop CLI, with scanning support for linux/amd64 (x86-64) Docker images.” The CLI command is the same and supports all of the same options.
“Vulnerability reports are also the same,” Kvitnitsky says, showing each vulnerability, along with “information about severity levels, the image layers where vulnerabilities are manifested, the exploit maturity and remediation suggestions.”
According to the announcement, the major difference with scanning on Linux is that instead of upgrading your Docker Desktop, you will need to install or upgrade your Docker Engine. You can get directions for installing the Engine as well as more information about the “docker scan” command in the Docker documentation.
Comments