I have been reading about Docker container scanning tools viz. Clair by CoreOs and Anchore. Both of them deal with static analysis of the container image to create a report of CVEs. What are some vulnerabilities that might not be covered in the static analysis of just the images? Are there tools which scan running containers and generate a CVE report for the same ?
Related topics
| Topic | Replies | Views | Activity | |
|---|---|---|---|---|
| Security scanning of containers? | 1 | 2871 | June 1, 2017 | |
| Vulnerability scanning question | 1 | 371 | November 14, 2019 | |
| Official containers and security CVE issues | 0 | 822 | July 4, 2017 | |
| Vulnerability Scanning Process for Docker Containers on RHEL 9 | 3 | 100 | November 19, 2024 | |
| Best Practices With Security Scanning Docker Images | 0 | 578 | November 9, 2021 |