Scan a Registry via the Tenable Container Security Scanner

Required Additional License: Tenable Container Security

Required Tenable Vulnerability Management User Role: Scan Operator, Standard, Scan Manager, or Administrator

Run the Container Security Scanner in Registry Import mode to scan all images in a registry.

Before you begin:

To run the Container Security Scanner in Registry Import mode:

  1. In the command-line interface of the machine where you want to run the scanner, run the customized configuration and command for your deployment type using the following parameters:

    Note: Some of the following variables are not required to run the scanner. For information about these variables and their definitions, see Environment Variables.

    docker run \ 
    -e TENABLE_ACCESS_KEY=<variable> \ 
    -e TENABLE_SECRET_KEY=<variable> \ 
    -e IMPORT_REPO_NAME=<variable> \ 
    -e REGISTRY_URI=<variable> \ 
    -e REGISTRY_USERNAME=<variable> \ 
    -e REGISTRY_PASSWORD=<variable> \  
    -e IMPORT_INTERVAL_MINUTES=<variable> \ 
    -i import-registry    
  2. Press Enter.

    The Container Security Scanner scans all images in the registry.

What to do next: