docsCreated with Sketch.

Docker Scout

Early Access

Docker Scout secures the complete software supply chain by providing image analysis, real-time vulnerability identification, contextual remediation recommendations, and more. Now available in early access.

Learn more on the Docker Scout product pageopen_in_new.

Container images are often built from layers of other container images and software packages. These layers and packages can contain vulnerabilities that make your containers and the applications they run vulnerable to attack.

Docker Scout can proactively help you find and fix these vulnerabilities, helping you create a more secure software supply chain. It does this by analyzing your images and creating a full inventory of the packages and layers called a Software bill of materials (SBOM)open_in_new. It then correlates this inventory with a continuously updated vulnerability database to identify vulnerabilities in your images.

You can use Docker Scout in Docker Desktop, Docker Hub, the Docker CLI, and in the Docker Scout Dashboard. Docker Scout also supports integrations with third-party systems, refer to Integrating Docker Scout for more information.

Info

The Docker Scout free plan gives you unlimited local image analysis and up to 3 remote repositories. If you need more, upgrade your plan.

explore
Quickstart
Learn what Docker Scout can do, and how to get started.
radar
Image analysis
Reveal and dig into the composition of your images.
database
Advisory database
Learn about the information sources that Docker Scout uses.
multiple_stop
Integrations
Connect Docker Scout with your CI, registries, and other third-party services.
dashboard
Dashboard
The web interface for Docker Scout.
policy
Policy Beta
Ensure that your artifacts align with supply chain best practices.