Using the “docker” command is an everyday occurrence for many of us these days. After a recent update it is now possible to “scan” newly built docker images for security vulnerabilities. This talk will present what this means, how it works and what technology is used to provide the service. We will first show what happens when a container image is scanned and then how the scan result is analysed and processed. We will also discuss the challenges involved with developing and supporting such a feature in partnership with Docker, Inc.
Securing docker images – the technology behind “docker scan”
About Dr. Matthais Ladkau
Matthias is an open-source enthusiast and engineering manager at Snyk. Coming originally from a computer science research background he is an engineer at heart who cares deeply about the people around him and making the life of every software developer a little more secure. Offline, Matthias plays the cello and likes to be out and about with family and friends.