docker scan

docker: 'scan' is not a docker command.
See 'docker --help'

docker scout

docker scan
Usage:  docker scan [OPTIONS] IMAGE

A tool to scan your images

Options:
      --accept-license    Accept using a third party scanning provider
      --dependency-tree   Show dependency tree with scan results
      --exclude-base      Exclude base image from vulnerability scanning (requires --file)
  -f, --file string       Dockerfile associated with image, provides more detailed results
      --group-issues      Aggregate duplicated vulnerabilities and group them to a single one (requires --json)
      --json              Output results in JSON format
      --login             Authenticate to the scan provider using an optional token (with --token), or web base token if empty
      --reject-license    Reject using a third party scanning provider
      --severity string   Only report vulnerabilities of provided level or higher (low|medium|high)
      --token string      Authentication token to login to the third party scanning provider
      --version           Display version of the scan plugin
"docker scan" requires exactly 1 argument

docker scan
Docker Scan relies upon access to Snyk, a third party provider, do you consent to proceed using Snyk? (y/N)

Related[edit]

• SCA
• Snyk
• Auditing: npm audit
• GitHub code scanning
• GitHub dependabot
• GitHub Advanced Security
• GitLab security scanner
• gcloud beta container images describe --show-package-vulnerability
• Amazon Inspector

See also[edit]

• docker scan
• Container scanning, AWS ECR security image scanning, Docker Scout, dependabot, Grype, Coguard