Find Vulnerabilities Fast! New Docker CLI Command: Docker Scout

Подписаться 64 тыс.

Просмотров 6 тыс.

50% 1

Docker Desktop recently added the "docker scout" group of commands. They help to scan container images for known vulnerabilities so you can build more secure images!
If you want to learn more about docker and containers, check out my course: Complete Docker Course - From BEGINNER to PRO! ( • Complete Docker Course... )
---
Docker Scout Documentation: docs.docker.com/scout/
Kubecon Europe 2023 Talk about tricking container image scanners: • Malicious Compliance: ...
---
Join the Community:
💬 Discord: / discord
💻 GitHub: github.com/sidpalas/devops-di...
🐥 Twitter: / sidpalas
👨‍💼 LinkedIn: / sid-palas
🌐 Website: devopsdirective.com
---
Community size at time of posting:
- Subscribers: 41660
- Channel Views: 1311217

Наука

Опубликовано:

5 июн 2023

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 9

@georgiitrofymov135 9 месяцев назад

Oh, cool review, thanks. Helped me to deal with the fear of "first step"

@mokiloke 11 месяцев назад

What works best, Trivy, Grype or Scout?

@estebanlopez5372 11 месяцев назад

Hey what happened to you? You are one of the most talented teacher I've ever known, thanks a lot for sharing your wisdom :)

@DevOpsDirective 11 месяцев назад

Well… I had a baby and picked up a consulting contract so my RU-vid time dropped to near zero 😅 I’ve got a discord if your want to come chat DevOps while im on my video making hiatus discord.devopsdirective.com

@atharvashirdhankar4778 Год назад

Awesome feature by docker I need to try out😮

@DevOpsDirective Год назад

I like that the CVE scanner is built into docker desktop, but as I mentioned in the video the recommendation feature could use some work!

@atharvashirdhankar4778 Год назад

Yes for sure. Even the actions will be handy to automate and create report regarding the image. Thats great update from Docker team.

@sloughpacman Год назад

A bit of a circuitous video. There are many use cases for containers, but make sure that corporate or personal security does not depend upon them. Making security changes to containers through scout, Trivy, Grype and Snyk is always going to be more trouble than it is worth because Docker is simply referencing the CVE database without any real intuition of the fixes. If you find yourself in a role securing containers all day every day then the use case is wrong and you are being made a scapegoat.

@DevOpsDirective Год назад

Thanks for the comment! Do you think that surfacing (and remediating/avoiding) known CVEs at some point in the development lifecycle is important? Would you prefer to scan against your source directly rather than in the container image? To me it makes the most sense to scan the container image since it represents the environment that will be deployed (and potentially attacked).