Docker Security Scanning (DSS) with CoreOS’s — Clair

Recently we descovered a CVE within one of our development images. Therfore we wanted to not happen this again. So we got going with docker security scanning. Quick we found Clair by CoreOS wich seams to be reasonable for our purposes.

Clair is an open source project for the static analysis of vulnerabilities in application containers (currently including appc and docker).

In regular intervals, Clair ingests vulnerability metadata from a configured set of sources and stores it in the database.