Docker Scout

Container images consist of layers and software packages, which are susceptible to vulnerabilities. These vulnerabilities can compromise the security of containers and applications.

Docker Scout is a solution for proactively enhancing your software supply chain security. By analyzing your images, Docker Scout compiles an inventory of components, also known as a Software Bill of Materials (SBOM). The SBOM is matched against a continuously updated vulnerability database to pinpoint security weaknesses.

Docker Scout is a standalone service and platform that you can interact with using Docker Desktop, Docker Hub, the Docker CLI, and the Docker Scout Dashboard. Docker Scout also facilitates integrations with third-party systems, such as container registries and CI platforms.

Quickstart
Learn what Docker Scout can do, and how to get started.
Image analysis
Reveal and dig into the composition of your images.
Advisory database
Learn about the information sources that Docker Scout uses.
Integrations
Connect Docker Scout with your CI, registries, and other third-party services.
Dashboard
The web interface for Docker Scout.
Policy
Ensure that your artifacts align with supply chain best practices.
Upgrade
The free plan includes up to 1 repository. Upgrade for more.
Page options