[CentOS-virt] Docker container scanner on CentOS?
Rafał Radecki
radecki.rafal at gmail.comTue Feb 21 08:31:29 UTC 2017
- Previous message: [CentOS-virt] Network Problem
- Next message: [CentOS-virt] New 4.9.11-22 kernels and linux-firmware packages to test in xen-testing for CentOS-6 and CentOS-7
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi All. I am currently searching for a decent image/container/registry scanner. I would like to be able to check images for CVE, at the moment I am using rhel/centos/ubuntu/debian based images. I tried on CentOS7: - openscap (oscap-docker): needs atomic for installation, allows scanning of rhel based images only; - atomic: allows scanning of rhel based images only; - clair: usable in theory for rhel/centos/ubuntu/debian images but in practice I encountered problems with analyze-local-images and hyperclair "cli" tools and API does not allow automatization; - banyan collector/dockscan/drydock: seem to be stale or not enough mature to be considered; - nessus: seems to be an overkill for my usecase. I am now looking into: - aqua (commercial); - twistlock (commercial); - blackduck docker scanner (commercial). Can you share info about what you are using to scan docker images? Any proposals for my usecase? Thanks! BR, Rafal. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos-virt/attachments/20170221/a3c8d5de/attachment.html>
- Previous message: [CentOS-virt] Network Problem
- Next message: [CentOS-virt] New 4.9.11-22 kernels and linux-firmware packages to test in xen-testing for CentOS-6 and CentOS-7
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS-virt mailing list