Docker Scout

Docker Scout compiles a Software Bill of Materials (SBOM) and matched against a vulnerability database to identify security vulnerabilities.

• https://docs.docker.com/scout/

• No high-profile vulnerabilities
• Fixable critical or high vulnerabilities
• Missing supply chain attestation (SBOM)

Related[edit]

• Docker Swarm
• ECR scanning
• Dependabot
• GitHub Advanced Security (GHAS)

See also[edit]

• Docker Scout, SBOM Attestation (Supply Chain Attestations remediation), Provenance attestation
• Docker Hub, toomanyrequests, Docker Hub Terraform provider, Docker Scout
• Container scanning, AWS ECR security image scanning, Docker Scout, dependabot, Grype, Coguard