View Scan Results for Container Images

Required Additional License: Tenable Container Security

Required Tenable Vulnerability Management User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

After Tenable Container Security scans your container images, you can view the detailed scan results on the Tenable Container Security dashboard.

Before you begin:

To view scan results for container images:

  1. In the Statistics section of the Container Security dashboard, click the Images widget.

    The Images page appears.

  2. In the images table, you can:

    • Filter the images table.

    • Search the images table.

    • View details for the image:
      1. In the images table, click an image row.

        The Image Details page appears.

      2. On the Image Details page, you can:

        View details about the package in the image your identified container links to, including the package name, version, license, and type.
        TabAction
        Vulnerabilities
        • View vulnerability details for each vulnerability identified in the image:
          • In the Severity column, view the severity rating Tenable Container Security assigned the image.

            Note: For information about how Tenable Container Security determines image risk, see Image Risk.

          • In the Vulnerability column, view the vulnerability ID.

            Note: The authority that identifies a given vulnerability determines the vulnerability’s ID format.

          • In the Risk Score column, view the CVSSv2 score.
          • In the Release Date column, view the date when the software on which the image is hosted released the vulnerability.

        • Click a row in the vulnerabilities table.

          A vulnerability details plane appears, containing details and remediation recommendations for the vulnerability.

        Malware

        View details about malware identified in the image, including a list of infected files, the file types, and the MD5 and SHA256 digests of the file.

        Package Inventory

        View details about the package in the image your identified container links to, including the package name, version, license, and type.

        Layer Digest

        View the digest IDs for each layer in the image.

        Identified Containers
        • In the Container ID column, view the ID that the software your container runs on assigned to each container.
        • In the Hostname column, view the name of the network on which each container runs.

          Note: Not all networks have a hostname; some only have an IP address.

        • In the Host IP column, view the IP address for the network on which each container runs.
        • In the Start Date column, view the date when the container most recently started running.