Docker
Checkov
Checkov scans cloud infrastructure provisioned using Terraform, Terraform plan, CloudFormation, AWS SAM, Kubernetes, Helm charts, Kustomize, Dockerfile, Serverless, Bicep, OpenAPI or ARM Templates and detects security and compliance misconfigurations using graph-based scanning.
Tools
Install Dockle
Install Hadolint
Install Trivy
Install Anchore and anchore-cli
Install Clair and clair-scanner
Install InSpec
Install OpenSCAP
Activate Snyk
Dockle
hadolint
Trivy
Scan for Vulnerabilities:
trivy image python:3.4-alpine