Integrate Docker Scout with Vulnetix. Scan container images for CVEs using Docker Scout and export SARIF findings or CycloneDX SBOMs for upload to Vulnetix.
CLI tool, SARIF, CycloneDX, SPDX
Install & scan
# Docker Scout is included in Docker Desktop and Docker Engine 24.0+
$ docker scout version
# Or install the CLI plugin
$ curl -fsSL https://raw.githubusercontent.com/docker/scout-cli/main/install.sh | sh

# Scan for CVEs with SARIF output
$ docker scout cves myimage:latest --format sarif --output docker-scout.sarif
# Generate CycloneDX SBOM
$ docker scout sbom myimage:latest --format cyclonedx --output docker-scout.cdx.json
Run Docker Scout in CI
Scan on every push and upload the results to Vulnetix:
- name: Build image
  run: docker build -t myapp:${{ github.sha }} .
- name: Scan with Docker Scout
  run: |
    docker scout cves myapp:${{ github.sha }} --format sarif --output docker-scout.sarif
- name: Upload to Vulnetix
  run: vulnetix upload --file docker-scout.sarif
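A CI step can also check the SARIF file before the upload step runs. The script below is an added example, not part of the Vulnetix or Docker Scout tooling: it counts results per SARIF 2.1.0 level and returns a non-zero exit code when error-level results exist. The sample log, the rule ids and the choice to gate on `error` are assumptions made for illustration.

```python
import json
import sys
from collections import Counter

# Constructed sample for illustration; not real Docker Scout output.
SAMPLE_SARIF = {
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "example-scanner", "rules": [
            {"id": "EXAMPLE-RULE-1", "defaultConfiguration": {"level": "error"}},
            {"id": "EXAMPLE-RULE-2"},
        ]}},
        "results": [
            {"ruleId": "EXAMPLE-RULE-1", "message": {"text": "constructed"}},
            {"ruleId": "EXAMPLE-RULE-2", "level": "note", "message": {"text": "constructed"}},
            {"ruleId": "EXAMPLE-RULE-2", "message": {"text": "constructed"}},
        ],
    }],
}


def summarise(sarif):
    """Count results per effective SARIF level across all runs."""
    if sarif.get("version") != "2.1.0" or not isinstance(sarif.get("runs"), list):
        raise ValueError("not a SARIF 2.1.0 log")
    counts = Counter()
    for run in sarif["runs"]:
        rules = run.get("tool", {}).get("driver", {}).get("rules") or []
        defaults = {r.get("id"): r.get("defaultConfiguration", {}).get("level") for r in rules}
        for result in run.get("results") or []:  # "results" may be null in SARIF
            # Explicit level wins, then the rule default, then SARIF's "warning".
            level = result.get("level") or defaults.get(result.get("ruleId")) or "warning"
            counts[level] += 1
    return counts


def gate(sarif, fail_on=("error",)):
    """Return 1 if any result has a level listed in fail_on, else 0."""
    counts = summarise(sarif)
    return 1 if any(counts[level] for level in fail_on) else 0


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as fh:
            doc = json.load(fh)
    else:
        doc = SAMPLE_SARIF  # no path given: run on the constructed sample
    print(dict(summarise(doc)))
    sys.exit(gate(doc))
```

Pass the path to `docker-scout.sarif` as the first argument to run it on a real scan result.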
Centralise Docker Scout results in Vulnetix
Upload Docker Scout SARIF, CycloneDX or SPDX output to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.