canit00/container_scans

container_scans

Information regarding tools and configurations to carry out Docker container scans

Install Red Hat's OpenScap scanner via a container

Please note that if you are behind a proxy, you'll need to run the export command below before the install command.

export http_proxy=http://proxyserver.domain.com:8080
sudo atomic install registry.access.redhat.com/rhel7/openscap

For disconnected environments, you can mirror Red Hat's OVAL definitions and point your OpenScap scanner to your internal mirror.

[URL]

https://www.redhat.com/security/data/oval/

[OpenScap configuration - Atomic Host]

/etc/oscapd/config.ini
[CVEScanner]
# change to yes
fetch-cve = yes
#fetch-cve-url = https://www.redhat.com/security/data/oval/
# set to internal repository
fetch-cve-url = http://<internal_mirror.com>/oscap_oval-oscap_oval/
fetch-cve-timeout = 600
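
A check for the [CVEScanner] settings above, as an added example (not part of this repository or of OpenSCAP): it parses a config.ini with Python's configparser and reports values that carry a trailing inline comment, a feed URL without TLS, and a feed host outside an approved mirror list. The mirror hostname, the allow-list and the assumption that the INI reader does not strip inline comments are hypothetical.

```python
import configparser
from urllib.parse import urlparse

# Constructed sample in the shape of the page's config.ini (hypothetical mirror host).
SAMPLE = """\
[CVEScanner]
fetch-cve = yes # change to yes
fetch-cve-url = http://mirror.example.internal/oscap_oval/ # set to internal repository
fetch-cve-timeout = 600
"""

BOOLEANS = {"yes": True, "true": True, "on": True, "1": True,
            "no": False, "false": False, "off": False, "0": False}


def audit_cve_scanner(text, allowed_hosts):
    """Return a list of findings for the [CVEScanner] section of a config.ini."""
    # Assumption: strict INI parsing, so inline comments are NOT stripped from values.
    cp = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    cp.read_string(text)
    if not cp.has_section("CVEScanner"):
        return ["missing [CVEScanner] section"]
    findings, clean = [], {}
    for key, raw in cp["CVEScanner"].items():
        value = raw.split(" #", 1)[0].strip()  # what the author meant the value to be
        if value != raw:
            findings.append(f"{key}: inline comment becomes part of the value")
        clean[key] = value

    fetch = BOOLEANS.get(clean.get("fetch-cve", "").lower())
    if fetch is None:
        findings.append("fetch-cve: not a yes/no value")
    if fetch:
        url = urlparse(clean.get("fetch-cve-url", ""))
        if url.scheme != "https":
            findings.append("fetch-cve-url: feed is fetched without TLS")
        if url.hostname not in allowed_hosts:
            findings.append(f"fetch-cve-url: host {url.hostname!r} is not an approved mirror")
    timeout = clean.get("fetch-cve-timeout", "")
    if not timeout.isdigit() or int(timeout) == 0:
        findings.append("fetch-cve-timeout: not a positive integer")
    return findings


if __name__ == "__main__":
    for finding in audit_cve_scanner(SAMPLE, {"mirror.example.internal"}):
        print(finding)
```
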

Results after running an atomic scan on a Docker image

[Image: scan image]
