The meetup started with Nathan presenting on securing the software supply chain with Docker (read this blog post on the recently GA Docker Security Scanning for more info). At the end of his presentation, Nathan answered attendees’ questions about Docker security. Scroll down to watch the recorded video and slides from Nathan’s presentation at Docker Online Meetup #39.
Docker Security Scanning
Docker Security Scanning is available today in Docker Cloud for private repo plan customers for a limited time free trial. You can also see scan results for Docker’s Official Images on Docker Hub as long as you are logged in, regardless of if you are a subscriber or not. Security scanning will be expanding soon to Docker Datacenter and Docker Cloud public repo users.
Try in Docker Cloud:
To try this feature, go to Account Settings > Plans and select the checkbox. Once activated, the three most recent tags for each private repo will be scanned and the resulting BOM displayed in the tags section within 24 hours. Afterwards, Docker Security Scanning will scan your image tag every time you push.
The screenshot below shows the plans page of a user with a 5 private repo plan. The checkbox to opt-in to Docker Security Scanning appears at the bottom of the Plan summary.
If you have a Docker Hub account and have never tried Docker Cloud – don’t worry! Your same login credentials work in Docker Cloud. The native integration ensures that your Docker Hub repos display within the Docker Cloud “Repositories” section. Private repo plans start at $7 per month for 5 private repositories and are available within Docker Cloud.
More Resources on Docker Security Scanning:
- Sign up today for Docker Cloud
- Watch the recorded webinar
- Read the Security Scanning documentation and the documentation on Docker Security
- Learn more about The Modern App Platform
Learn More about Docker
- New to Docker? Try our 10 min online tutorial
- Share images, automate builds, and more with a free Docker Hub account
- Read the Docker 1.11 Release Notes
- Subscribe to Docker Weekly
- Sign up for upcoming Docker Online Meetups
- Attend upcoming Docker Meetups
- Register for DockerCon 2016
- Watch DockerCon EU 2015 videos
- Start contributing to Docker