The oscap-docker tool can assess vulnerabilities or security compliance of running Docker containers or cold
Docker images. The OpenSCAP tool oscap(8) is used underneath. The definition of vulnerabilities (CVE stream) is
downloaded from the product vendor.

Compliance scan of Docker image
Usage: oscap-docker image IMAGE_NAME OSCAP_ARGUMENT [OSCAP_ARGUMENT...]
Run any OpenSCAP oscap(8) command within a chroot of the mounted Docker image. Learn more about the arguments in
the oscap(8) man page.

Compliance scan of Docker container
Usage: oscap-docker container CONTAINER_NAME OSCAP_ARGUMENT [OSCAP_ARGUMENT...]
Run any OpenSCAP oscap(8) command within a chroot of the mounted Docker container. The result of this command may
differ from scanning just the image because of the mount points defined for the container.

Vulnerability scan of Docker image
Usage: oscap-docker image-cve IMAGE_NAME [--results oval-results-file.xml [--report report.html]]
Attach the Docker image, determine the OS variant/version, download the CVE stream applicable to that OS, and
finally run a vulnerability scan.

Vulnerability scan of Docker container
Usage: oscap-docker container-cve CONTAINER_NAME [--results oval-results-file.xml [--report report.html]]
Chroot to the running container, determine the OS variant/version, download the CVE stream applicable to that OS,
and finally run a vulnerability scan.

To use a different oscap(8) binary, pass it as the first argument in the form --oscap=<path/to/oscap>.
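As an added example (not part of oscap-docker or OpenSCAP), the following helper builds the image-cve / container-cve command line described above, including the --oscap= option in first position, and summarizes the OVAL results file the scan writes by listing definitions that evaluated to "true". The definition ids and the XML sample are constructed for illustration; the OVAL results namespace is the standard one used by oscap.

```python
import subprocess
import xml.etree.ElementTree as ET

# Namespace of the OVAL results document written via --results.
OVAL_RES_NS = "http://oval.mitre.org/XMLSchema/oval-results-5"


def build_cve_scan_cmd(target_kind, name, results_path, report_path=None, oscap_path=None):
    """Build the oscap-docker argv for a CVE scan of an image or a container.

    When an alternate oscap(8) binary is used, --oscap=<path> must be the
    first argument, so it is placed before the subcommand.
    """
    if target_kind not in ("image", "container"):
        raise ValueError("target_kind must be 'image' or 'container'")
    argv = ["oscap-docker"]
    if oscap_path:
        argv.append(f"--oscap={oscap_path}")
    argv += [f"{target_kind}-cve", name, "--results", results_path]
    if report_path:
        argv += ["--report", report_path]
    return argv


def run_cve_scan(argv):
    """Run the scan and return the process exit code (needs Docker and oscap)."""
    return subprocess.run(argv, check=False).returncode


def vulnerable_definitions(oval_results_xml):
    """Return ids of OVAL definitions whose result is 'true' (vulnerability present)."""
    root = ET.fromstring(oval_results_xml)
    return [
        d.get("definition_id")
        for d in root.iter(f"{{{OVAL_RES_NS}}}definition")
        if d.get("result") == "true"
    ]


# Constructed sample results file: one vulnerable definition, one not.
SAMPLE_RESULTS = """<oval_results xmlns="http://oval.mitre.org/XMLSchema/oval-results-5">
  <results><system><definitions>
    <definition definition_id="oval:com.example:def:1" version="1" result="true"/>
    <definition definition_id="oval:com.example:def:2" version="1" result="false"/>
  </definitions></system></results>
</oval_results>"""

if __name__ == "__main__":
    print(build_cve_scan_cmd("image", "fedora:latest", "oval-results-file.xml", "report.html"))
    print(vulnerable_definitions(SAMPLE_RESULTS))
```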