Integrating Docker Scout with other systems

Early Access

Docker Scout secures the complete software supply chain by providing image analysis, real-time vulnerability identification, contextual remediation recommendations, and more. Now available in early access.

Learn more on the Docker Scout product pageopen_in_new.

By default, Docker Scout integrates with your Docker organization and your Docker Scout-enabled repositories on Docker Hub. You can integrate Docker Scout with additional third-party systems to get access to even more insights, including realtime information about you running workloads.

Integration categories

You'll get different insights depending on where and how you choose to integrate Docker Scout.

Container registries

Integrating Docker Scout with third-party container registries enables Docker Scout to run image analysis on those repositories, so that you can get insights into the composition of those images even if they aren't hosted on Docker Hub.

The following container registry integrations are available:

• Artifactory
• Amazon Elastic Container Registry

Continuous Integration

Integrating Docker Scout with Continuous Integration (CI) systems is a great way to get instant, automatic feedback about your security posture in your inner loop. Analysis running in CI also gets the benefit of additional context that's useful for getting even more insights.

The following CI integrations are available:

• GitHub Actions
• GitLab
• Microsoft Azure DevOps Pipelines
• Circle CI
• Jenkins

Environment monitoring

Environment monitoring refers to integrating Docker Scout with your deployments. This can give you information in realtime about your running container workloads.

Integrating with environments lets you compare production workloads to other versions, in your image repositories or in your other environments.

For more information about environment integrations, see Environments.