Tenable Container Security Requirements

You can access Tenable Container Security from any machine that meets the System Requirements described in the Tenable Vulnerability Management User Guide.

Supported Container Image Formats

Tenable Container Security supports the following image formats:

Import and Scan Method Supported Image Types
Push a Container Image to Tenable Container Security

Docker images

Configure Connectors to Import and Scan Images Docker images
Configure and Run the Container Security Scanner
  • Docker images
  • Open Containers Initiative (OCI) images

Supported Registries

The container registries that Tenable Container Security supports depends on the method you use to import and scan images.

Tenable tests and verifies successful import and scanning for the following registries:

Import and Scan Method Supported Image Types
Push a Container Image to Tenable Container Security

Docker registry

Configure Connectors to Import and Scan Images
  • Amazon Web Service (AWS) Elastic Container Registry (ECR)
  • JFrog Artifactory registry
  • Docker registry
Configure and Run the Container Security Scanner
  • Amazon Web Service (AWS) Elastic Container Registry (ECR)
  • Azure Container registry
  • Docker registry
  • Docker Hub registry
  • Google Cloud Platform (GCP) Google Container Registry (GCR)
  • Harbor registry

  • JFrog Artifactory registry

  • Nexus Repository Manager registry
  • Red Hat OpenShift Container Platform registry
  • Red Hat Quay Container registry
Note: Tenable Container Security supports importing and scanning from tested and verified registries that are compatible with Docker Registry API version 2.0.
If you choose to import and scan images from registries that have not been tested and verified, Tenable Support cannot assist with your configurations.

Port Requirements

The machine where you run Tenable Container Security must allow outbound traffic to TCP port 443 for communications with the cloud.tenable.com server.