Docker Image Assessment
Purpose
This document describes how to set up a Docker Image Assessment.
Introduction
The Docker image assessment evaluates the security risks and vulnerabilities associated with the Docker images used by an organization. Docker images are pre-configured software packages that contain all the necessary components to run an application and can be easily distributed and deployed in a container environment.
A Docker Image Assessment uses tools to inventory the contents of the image and assess the security of its software components, including the operating system and any applications or services included in the image. Misconfigurations in the image can create security vulnerabilities that attackers can exploit.
The results of Docker Image Assessments are used to prioritize vulnerabilities and develop a remediation plan. It may include updating the image with the latest security patches or configurations.
Docker Image Assessments must be conducted regularly, because new vulnerabilities can be introduced whenever software is updated or new images are created.
Requirements
To access a private registry, a Docker account and its credentials are required.
When scanning a Docker image using OUTSCAN RC, a HIAB deployed as a container inspection scanner is required. For more information, see Use Appsec Scale with OUTSCAN RC.
HIAB and OUTSCAN RC both support Docker image scans. You can scan a Docker image only after a Docker discovery has retrieved the images available on your private Docker registries.
Currently, it is only possible to scan Linux images with a 64-bit architecture that are smaller than 1 GB.
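A pre-check that applies the three limits above (Linux, 64-bit, under 1 GB) to the JSON that `docker image inspect` prints is a practical way to find out which discovered images will be skipped before you build the scan configuration. The code below is an added example, not part of the original article and not Outpost24 code; it assumes the standard `Os`, `Architecture` and `Size` fields of `docker image inspect` output, reads "1GB" as 1 GiB (2**30 bytes), and takes a fixed list of architecture names as 64-bit. The inspect records embedded in it are constructed samples.

```python
"""Pre-check Docker images against the scan limits stated on the page:
Linux only, 64-bit only, smaller than 1 GB.

Input is the JSON printed by `docker image inspect <image> [<image> ...]`,
a list of records. The records at the bottom are constructed samples,
not real registry output.
"""
import json

# Assumption: "1GB" in the requirement is read as 1 GiB (2**30 bytes);
# lower this to 1_000_000_000 if the product counts decimal gigabytes.
MAX_SIZE_BYTES = 1 << 30
SUPPORTED_OS = {"linux"}
# Assumption: 64-bit values of the `Architecture` field as Docker reports them.
SUPPORTED_ARCH = {"amd64", "arm64", "ppc64le", "s390x", "riscv64"}


def check_image(record: dict) -> list[str]:
    """Return the reasons an inspect record cannot be scanned (empty list = eligible)."""
    reasons = []
    os_name = str(record.get("Os", "")).lower()
    arch = str(record.get("Architecture", "")).lower()
    size = int(record.get("Size", 0))
    if os_name not in SUPPORTED_OS:
        reasons.append(f"os is {os_name or 'unknown'}, only Linux is supported")
    if arch not in SUPPORTED_ARCH:
        reasons.append(f"architecture {arch or 'unknown'} is not 64-bit")
    if size >= MAX_SIZE_BYTES:
        reasons.append(f"size {size / (1 << 20):.0f} MiB is not smaller than 1 GB")
    return reasons


def triage(inspect_json: str) -> dict[str, list[str]]:
    """Map each image (first RepoTag, or Id when untagged) to its blocking reasons."""
    result = {}
    for rec in json.loads(inspect_json):
        tags = rec.get("RepoTags") or [rec.get("Id", "<untagged>")]
        result[tags[0]] = check_image(rec)
    return result


# Constructed sample records in the shape `docker image inspect` produces.
SAMPLE_INSPECT = json.dumps([
    {"Id": "sha256:aaa", "RepoTags": ["registry.example/app:1.0"],
     "Os": "linux", "Architecture": "amd64", "Size": 312_000_000},
    {"Id": "sha256:bbb", "RepoTags": ["registry.example/legacy:3"],
     "Os": "linux", "Architecture": "386", "Size": 90_000_000},
    {"Id": "sha256:ccc", "RepoTags": ["registry.example/win-iis:2022"],
     "Os": "windows", "Architecture": "amd64", "Size": 5_400_000_000},
    {"Id": "sha256:ddd", "RepoTags": ["registry.example/ml-tools:latest"],
     "Os": "linux", "Architecture": "arm64", "Size": 1_300_000_000},
])

if __name__ == "__main__":
    # Real use: python3 precheck.py < <(docker image inspect $(docker image ls -q))
    for name, reasons in triage(SAMPLE_INSPECT).items():
        status = "eligible" if not reasons else "skip: " + "; ".join(reasons)
        print(f"{name}: {status}")
```

Running the sample marks only `registry.example/app:1.0` as eligible; the 32-bit, Windows and oversized images each come back with the specific limit they break, which is the information you need when deciding whether to slim an image or rebuild it for a supported platform before scanning.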
Setting up a Docker Assessment Scan
Follow the procedure below to scan Docker images:
To create a Docker image assessment scan configuration, select Docker image assessment under Assessment.
Select Assets from the table displaying all the discovered images and the details of an image such as name, OS, architecture and size.
Select one or more images and click on ADD to save the scan configuration. The name of the scan configuration can be changed by editing it.
Click on the scan now icon in the blue toolbar at the bottom right to run the Docker image assessment scan.
View the scan status under Scans. Click Scans on the toolbar to view all scans performed on HIAB; each scan shows one of the statuses QUEUED, STARTING, RUNNING or FINISHED.
To view the vulnerability set of the scanned image, click on Findings, and select Vulnerabilities.
By default, all Docker image vulnerabilities are displayed. You can filter the results by selecting All, No or Yes in the Potential column:
All: view all vulnerabilities.
No: exclude potential vulnerabilities.
Yes: view only potential vulnerabilities, that is, those without a fix.
To display the Potential item in the column, select it from the column list and check the corresponding box.
The potential vulnerabilities are marked in the potential column with a green dot.
You can then select within the potential column the option you want.
See Scan a Docker Image for more information.
Copyright
© 2024 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.
Trademark
Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.