oscap-docker
#Network & Cloud#Cloud Security
A small project for continuous auditing of internet-facing AWS services
Container Compliance Resources and Tools for Ensuring Container Integrity
Container Compliance Resources and tools to ensure the compliance of containers (such as rocket, docker, etc.). This includes assessing both running containers and cold images. Conducting vulnerability and compliance audits is essential. Additionally, performing a vulnerability scan on Docker images is crucial.
This command will attach a Docker image and perform a vulnerability scan
This command will attach to a Docker image, identify the OS variant and version, download the applicable CVE stream for the specified OS, and ultimately conduct a vulnerability scan.
To scan a Docker image using OpenSCAP, execute any OpenSCAP command within the chroot environment of the mounted Docker image.
For more information, refer to OSCAP_ARGUMENTS in the 'man oscap' documentation.
