Scanning Docker images

Learn how to scan Docker images with Debricked.

Debricked doesn't have official Docker image support yet, but scanning is possible using the following workaround.

To scan Docker images with Debricked:

  1. Install and run the Docker SBOM CLI plugin, https://github.com/docker/sbom-cli-plugin, to generate a CycloneDX report. Make sure to change the output format to CycloneDX, e.g.:

     docker sbom username/imagename:latest --format cyclonedx-json --output imagename.sbom.json

  2. Run the Debricked CLI, https://github.com/debricked/cli; it will automatically pick up the CycloneDX report files.

  3. Profit! See results in pipeline and Debricked UI.
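
A pre-flight check to run between steps 1 and 2, as an added example that is not part of Debricked's documentation: it confirms the file written by docker sbom really is CycloneDX JSON with components in it before the scan runs. The script name check_sbom.py, the function name, the sample data and the warning about components without a package URL (purl) are assumptions made for illustration.

```python
import json
import sys

# Constructed sample inputs (not output from a real image).
SAMPLE_CYCLONEDX = json.dumps({
    "bomFormat": "CycloneDX", "specVersion": "1.4",
    "components": [
        {"type": "library", "name": "openssl", "version": "3.0.8",
         "purl": "pkg:apk/alpine/openssl@3.0.8"},
        {"type": "library", "name": "local-tool", "version": "0.1"},
    ],
})
SAMPLE_NOT_JSON = "NAME     VERSION  TYPE\nopenssl  3.0.8    apk\n"


def check_sbom(text):
    """Inspect the text of an SBOM file; return ok flag, errors, warnings, count."""
    result = {"ok": False, "errors": [], "warnings": [], "components": 0}
    try:
        doc = json.loads(text)
    except json.JSONDecodeError:
        # Happens when --format cyclonedx-json was left off the docker sbom call.
        result["errors"].append("not JSON: was --format cyclonedx-json passed?")
        return result
    if not isinstance(doc, dict) or doc.get("bomFormat") != "CycloneDX":
        result["errors"].append("JSON, but bomFormat is not 'CycloneDX'")
        return result
    components = doc.get("components") or []
    result["components"] = len(components)
    if not components:
        result["errors"].append("SBOM lists no components; nothing to scan")
    # Assumption: entries without a purl are flagged because they are hard to match.
    no_purl = [c.get("name", "?") for c in components if not c.get("purl")]
    if no_purl:
        result["warnings"].append("components without a purl: " + ", ".join(no_purl))
    result["ok"] = not result["errors"]
    return result


if __name__ == "__main__":
    # Usage: python check_sbom.py imagename.sbom.json (no argument: built-in sample)
    source = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SAMPLE_CYCLONEDX
    report = check_sbom(source)
    for line in report["errors"] + report["warnings"]:
        print(line, file=sys.stderr)
    print(f"{report['components']} components, ok={report['ok']}")
    sys.exit(0 if report["ok"] else 1)
```

The non-zero exit code on errors lets a pipeline stop before the scan step instead of reporting a clean result for an SBOM that was never read.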
