Docker Cloud can scan images in private repositories to verify that they are free from known security vulnerabilities or exposures, and report the results of the scan for each image tag. To learn more, see Security scanning in Docker Cloud.
Q. Does Docker Security Scanning support teams and organizations?
Currently, Docker Cloud does not provide support for creating teams or organizations. Docker Security Scanning will be made available to teams and organizations when those features are available.
Q. Will Docker Security Scanning check public repositories?
Currently, all official repositories are continuously scanned and private repositories are scanned during a push. In the future, we will extend this to public repositories. Stay tuned!
Q. Which CVE databases does Docker Security Scanning use?
Docker Security Scanning uses all the major Common Vulnerabilities and Exposures (CVE) databases such as MITRE, NIST NVD, and others.
Q. Does Docker Security Scanning support Microsoft Windows images?
Yes, Docker Security Scanning will scan images based on Microsoft Windows.