2min chapter

DevOps and Docker Talk: Cloud Native Interviews and Tooling cover image

Securing Containers, First Steps in Docker and Kubernetes

DevOps and Docker Talk: Cloud Native Interviews and Tooling

CHAPTER

How to Scan a Docker Container

You have to scan your images, because these dependency scanners don't include the os dependencies. I don't know yet of a docker file dependency up dater. That would actually be pretty cool if we had a doc dependabot like scanner that would see that you have apt or yumdependencies in there and see if they're out of date. And for that, you could use tools like trivy so over at aqua security. This is a c v e scanner that you can scan your code,. You can actualy have it scann an image in a registry, so you can upload it, scan the registry. Or when you're building, which is what i prefer to

00:00

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.
App store bannerPlay store banner

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode