Scan an Image via the Tenable.io CS Scanner

Required User Role: Scan Operator, Standard, Scan Manager, or Administrator

Run the Tenable.io CS Scanner in Image Inspect mode to scan a single image.

Before you begin:

To run the Tenable.io CS Scanner in Image Inspect mode:

  1. In the CLI of the machine where you want to run the scanner, type the customized configuration and command for your deployment type using the parameters defined below.

    Note: Some of the following variables are not required to run the scanner. For information about these variables and their definitions, see Environment Variables.

    docker save <your image name as it appears in the repository> | docker run \ -e TENABLE_ACCESS_KEY=<variable> \ -e TENABLE_SECRET_KEY=<variable> \ -e IMPORT_REPO_NAME=<variable> \ -i tenableio-docker-consec-local.jfrog.io/cs-scanner:latest inspect-image <Image name as you want it to appear in Tenable.io> \
  2. Press Enter.

    The Tenable.io CS Scanner scans the image.

What to do next: