Scan an Image via the Tenable Container Security Scanner

Required Additional License: Tenable Container Security

Required Tenable Vulnerability Management User Role: Scan Operator, Standard, Scan Manager, or Administrator

Run the Container Security Scanner in Image Inspect mode to scan a single image.

Before you begin:

To run the Container Security Scanner in Image Inspect mode:

  1. In the command-line interface of the machine where you want to run the scanner, run the customized configuration and command for your deployment type using the following parameters:

    Note: Some of the following variables are not required to run the scanner. For information about these variables and their definitions, see Environment Variables.

    Copy
    docker save <your image name as it appears in the repository> | docker run \
    -e TENABLE_ACCESS_KEY=<variable> \
    -e TENABLE_SECRET_KEY=<variable> \
    -e IMPORT_REPO_NAME=<variable> \
    -i tenableio-docker-consec-local.jfrog.io/cs-scanner:latest inspect-image <Image name as you want it to appear in Tenable Vulnerability Management
  2. Press Enter.

    The Container Security Scanner scans the image.

What to do next: