Table of Contents

Docker - Vulnerability Scanning Tools - Clair
- Usage
- Install
- References

Docker - Vulnerability Scanning Tools - Clair

Clair is an open-source project for the static analysis of vulnerabilities in application containers.

Clair analyzes container images and compares them against known vulnerabilities.

Usage

clair-scanner --ip <IP> <image-name>

NOTE: Pass the IP of the Clair server along with the Docker image to analyze.

Install

Clair is officially packaged and released as a container at quay.io/projectquay/clair.

The latest tag tracks the git development branch, and version tags are built from the corresponding release.

References

https://github.com/quay/clair

https://github.com/quay/clair/releases