Scan images and container registries with RapidFort
rfscan is included with the RapidFort Command Line Interface (CLI) tools.
- The client system must meet the minimum requirements to install the RapidFort CLI tools.
- The client system must have sufficient storage space to accommodate pulling images that are not currently available locally and temporarily exporting images to disk.
- Note that rfscan will check if there is sufficient space before exporting images and will attempt to clean up temporary directories and files after exporting and scanning images.
- The client system must be able to run Docker containers as root.
- The client system must have access to Amazon S3 so that rfscan can download dependencies.
- The client system must provide write access to a folder where rfscan can save scan reports.
- By default, rfscan will save scan reports in
- This can be overridden with the
--reports_foldercommand line parameter.
rfscan supports scanning the following types of container registries:
- Docker Hub
- Amazon Elastic Container Registry (ECR)
- Microsoft Azure Container Registry (ACR)