Start With Docker Scout

Docker Scout analyzes image contents and generates a detailed report of packages and vulnerabilities that it detects. It can provide you with suggestions for how to remediate issues discovered by image analysis.

This guide takes a vulnerable container image and shows you how to use Docker Scout to identify and fix the vulnerabilities, compare image versions over time, and share the results with your team.

Prerequisites

• Docker installed on your system.
• Docker Scout set up. If not, initialize it using the command below:

$ docker scout init

👉 Step 1: Setup

Clone its repository:

$ git clone https://github.com/docker/scout-demo-service.git

Move into the directory:

$ cd scout-demo-service

1. Make sure you’re signed in to your Docker account, either by running the docker login command or by signing in with Docker Desktop.
2. Build the image and push it to a <ORG_NAME>/scout-demo:v1, where <ORG_NAME> is the Docker Hub namespace you push to.

$ docker build --push -t <ORG_NAME>/scout-demo:v1 .

👉 Step 2: Enable Docker Scout