Aptible PaaS logoDocs

Security Scans

Aptible can scan your Docker images for vulnerable system packages of any addressable vulnerabilities images using Clair on demand.

What is scanned?

Docker image security scans look for vulnerable OS packages installed in your Docker images on supported Linux distributions:

  • Debian / Ubuntu: security scans scan for packages installed using dpkg or its apt-get frontend.
  • CentOS / Red Hat: security scans scan for packages installed using rpm or its frontends yum and dnf.
  • Alpine Linux: security scans scan for packages installed using apk.

Docker image security scans do not scan for:

  • packages installed from source (e.g., using make && make install).
  • packages installed by language-level package managers, such as bundler, npm, pip, yarn, composer etc. (third-party vulnerability analysis providers support those, and you can incorporate them using a CI process, for example).

Accessing security scans

Access Docker image security scans in the Aptible Dashboard by navigating to the respective app and selecting "Security Scan."

Accessing Security Scans in the Aptible Dashboard