Docker Scout
Container images are often built from layers of other container images and software packages. These layers and packages can contain vulnerabilities that make your containers and the applications they run vulnerable to attack.
Docker Scout can proactively help you find and fix these vulnerabilities, helping you create a more secure software supply chain. It does this by analyzing your images and creating a full inventory of the packages and layers called a software bill of materials (SBOM). It then correlates this inventory with a continuously updated vulnerability database to identify vulnerabilities in your images.
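The correlation step described above, as a simplified added example (not Docker Scout's own code or data format): a per-layer package inventory is matched against advisory version ranges, and each finding records which layer introduced the affected package. The image name, package names, advisory IDs and the dotted-numeric version scheme are constructed assumptions.

```python
# Added illustration, not Docker Scout code. All names and data are constructed.
SBOM = {  # package inventory grouped by the image layer that introduced it
    "image": "example/app:1.0",
    "layers": [
        {"source": "base image", "packages": [
            {"type": "deb", "name": "libexample", "version": "1.2.3"},
            {"type": "deb", "name": "zlib-sample", "version": "1.3.1"}]},
        {"source": "application", "packages": [
            {"type": "pypi", "name": "samplelib", "version": "2.0.0"},
            {"type": "pypi", "name": "otherlib", "version": "0.9.10"}]},
    ],
}

# Constructed advisories; a version is affected when introduced <= v < fixed.
ADVISORIES = [
    {"id": "EXAMPLE-0001", "type": "deb", "name": "libexample",
     "introduced": "1.0.0", "fixed": "1.2.4", "severity": "high"},
    {"id": "EXAMPLE-0002", "type": "pypi", "name": "samplelib",
     "introduced": "1.0.0", "fixed": "2.0.0", "severity": "critical"},
    {"id": "EXAMPLE-0003", "type": "pypi", "name": "otherlib",
     "introduced": "0.9.2", "fixed": "0.9.11", "severity": "medium"},
]


def parse_version(text):
    """Parse '0.9.10' into (0, 9, 10); assumes dotted numeric versions only."""
    return tuple(int(part) for part in text.split("."))


def is_affected(version, advisory):
    """Numeric range check: string comparison would rank 0.9.10 below 0.9.2."""
    low, high = parse_version(advisory["introduced"]), parse_version(advisory["fixed"])
    return low <= parse_version(version) < high


def correlate(sbom, advisories):
    """Return one finding per affected package, tagged with its layer."""
    by_package = {}
    for adv in advisories:
        by_package.setdefault((adv["type"], adv["name"]), []).append(adv)
    findings = []
    for layer in sbom["layers"]:
        for pkg in layer["packages"]:
            for adv in by_package.get((pkg["type"], pkg["name"]), []):
                if is_affected(pkg["version"], adv):
                    findings.append({"id": adv["id"], "package": pkg["name"],
                                     "layer": layer["source"], "fixed": adv["fixed"]})
    return findings
```

Calling `correlate(SBOM, ADVISORIES)` reports the base-image package and the application dependency separately, which tells you whether the fix is a base image update or a dependency bump.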
You can use Docker Scout in Docker Desktop, Docker Hub, the Docker CLI, and in the Docker Scout Dashboard. Docker Scout also supports integrations with third-party systems. Refer to Integrating Docker Scout for more information.