Links

Getting Started: Scan a Container Image with Docker

Use the RapidFort Command Line Interface (CLI) tools to scan a container image with Docker

Prerequisites

Before getting started, install the RapidFort CLI tools on your client system.

Scan the NGINX Docker Image

In this tutorial, we will scan the NGINX Docker image for packages and vulnerabilities.

Step 1: Log Into RapidFort

First, run rflogin to log into RapidFort. Enter your password if prompted.
rflogin <your-email-address>

Step 2: Scan the NGINX Docker Image

Run rfscan to scan the latest NGINX Docker image.
rfscan docker.io/nginx:latest
rfscan will automatically try to pull an image if it is not available locally. Please note that some registries require authentication. To learn more about how to configure rfscan to authenticate with registries, please view Registry Configuration.

Step 3: View Reports

By default, scan reports are saved to ~/rapidfort/reports/<timestamp>.
You can view packages, vulnerabilities, hardening estimates, and more information on the RapidFort Dashboard.

Next Steps

For more information on the RapidFort scanner, including container registry scanning, please refer to the following page: