I have been reading about Docker container scanning tools viz. Clair by CoreOs and Anchore. Both of them deal with static analysis of the container image to create a report of CVEs. What are some vulnerabilities that might not be covered in the static analysis of just the images? Are there tools which scan running containers and generate a CVE report for the same ?
Related topics
| Topic | Replies | Views | Activity | |
|---|---|---|---|---|
| Vulnerability scanning question | 1 | 374 | November 14, 2019 | |
| Security scanning of containers? | 1 | 2877 | June 1, 2017 | |
| Docker image vulnearabilty scanner | 0 | 404 | March 17, 2021 | |
| How to check docker container security? | 4 | 260 | January 27, 2025 | |
| Vulnerability Scanning Process for Docker Containers on RHEL 9 | 3 | 122 | November 19, 2024 |