Hello there, i have a quick question, that proabably can be googled, but i don’t seem to find a clear answer.
Which images, that get published to Docker Hub, actually get scanned for vulnerabilites (by Docker Hub)?
Is it every image or only the offical and certified ones? How can i see, which image was scanned and which not? Or am i completly off and Docker Hub itself does not do any sercurity scanning and instead every developer is responsible for scanning their images?
I feel like everwhere I look, I get different answers, that’s why I’m asking.