docsCreated with Sketch.

Docker Scout

Container images are often built from layers of other container images and software packages. These layers and packages can contain vulnerabilities that make your containers and the applications they run vulnerable to attack.

Docker Scout can proactively help you find and fix these vulnerabilities, helping you create a more secure software supply chain. It does this by analyzing your images and creating a full inventory of the packages and layers called a Software bill of materials (SBOM)open_in_new. It then correlates this inventory with a continuously updated vulnerability database to identify vulnerabilities in your images.

You can use Docker Scout in Docker Desktop, Docker Hub, the Docker CLI, and in the Docker Scout Dashboard. Docker Scout also supports integrations with third-party systems, refer to Integrating Docker Scout for more information.

explore
Quickstart
Learn what Docker Scout can do, and how to get started.
radar
Image analysis
Reveal and dig into the composition of your images.
database
Advisory database
Learn about the information sources that Docker Scout uses.
multiple_stop
Integrations
Connect Docker Scout with your CI, registries, and other third-party services.
dashboard
Dashboard
The web interface for Docker Scout.
policy
Policy Early Access
Ensure that your artifacts align with supply chain best practices.
upgrade
Upgrade
The free plan includes up to 3 repositories. Upgrade for more.