In this tutorial, we will use rfscan to scan a list of Docker images.
Step 1: Log Into RapidFort
First, run rflogin to log into RapidFort. Enter your password if prompted.
rflogin <your-email-address>
Step 2: Create a List of Images to Scan
Create a text file called image_list and add some images to scan (one image per line):
docker.io/debian:11
docker.io/debian:10
docker.io/debian:9
Step 3: Scan the List of Images
Scan the list of images:
rfscan <path_to_image_list>
rfscan will fetch and scan each image.
If rfscan fails to fetch an image, pull the images with docker before running rfscan:
docker pull docker.io/debian:11
docker pull docker.io/debian:10
docker pull docker.io/debian:9
rfscan <path_to_image_list>
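Steps 1 to 3 as one script, added here as an example; it is not part of RapidFort's tooling. It reads image_list, pulls every image with docker first (the fallback suggested above), reports which pulls failed, and hands rfscan a list containing only the images that actually pulled, so one unreachable image does not take down the whole batch. The '#' comment lines, the reference-format check and the `.pulled` file name are this script's own conventions, not rfscan features, and rflogin is still run by hand beforehand as in Step 1.

```python
"""Pull, then batch-scan, the images listed in an image_list with rfscan.

Added example; this is not RapidFort's own code. It assumes `docker` and
`rfscan` are on PATH, that `rflogin` has already been run, and that
image_list holds one image reference per line as in the tutorial. Blank
lines and '#' comments are this script's own convention, not something
rfscan is known to accept, which is why only the cleaned list is passed on.
"""
import re
import shutil
import subprocess
import sys
from pathlib import Path

# Loose check for registry/repository[:tag][@sha256:digest]. Assumed pattern,
# narrower than the full OCI grammar (registries with a port are rejected);
# its job is to fail fast on a typo before a long scan starts.
_REF_RE = re.compile(
    r"^[a-z0-9][a-z0-9._/-]*(:[A-Za-z0-9_][A-Za-z0-9._-]{0,127})?(@sha256:[0-9a-f]{64})?$"
)


def parse_image_list(text: str) -> list:
    """Return the image references in image_list order, de-duplicated.

    Raises ValueError for a malformed reference so that a bad line is
    reported with its line number instead of surfacing as a pull failure.
    """
    refs = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if not _REF_RE.match(line):
            raise ValueError(f"image_list line {lineno}: bad image reference {line!r}")
        if line not in refs:
            refs.append(line)
    return refs


def pull_images(refs, runner=subprocess.run):
    """Pull every image up front; return (pulled, failed).

    `runner` is injectable so the logic can be exercised without docker.
    """
    pulled, failed = [], []
    for ref in refs:
        result = runner(["docker", "pull", ref], capture_output=True, text=True)
        if result.returncode == 0:
            pulled.append(ref)
        else:
            failed.append(ref)
    return pulled, failed


def run_batch(list_path: Path) -> int:
    """Pull first, then scan only what pulled. Returns a process exit status."""
    for tool in ("docker", "rfscan"):
        if shutil.which(tool) is None:
            print(f"{tool} not found on PATH", file=sys.stderr)
            return 2
    refs = parse_image_list(list_path.read_text())
    pulled, failed = pull_images(refs)
    for ref in failed:
        print(f"pull failed, skipping: {ref}", file=sys.stderr)
    if not pulled:
        print("nothing to scan", file=sys.stderr)
        return 1
    # rfscan reads the same one-per-line format, so write the pulled subset
    # next to the original list and scan that file instead.
    pulled_list = list_path.with_name(list_path.name + ".pulled")
    pulled_list.write_text("\n".join(pulled) + "\n")
    rc = subprocess.run(["rfscan", str(pulled_list)]).returncode
    # A skipped image is still a problem for the batch, so fail even if rfscan passed.
    return rc or (1 if failed else 0)


if __name__ == "__main__":
    sys.exit(run_batch(Path(sys.argv[1] if len(sys.argv) > 1 else "image_list")))
```

Run it as `python scan_batch.py image_list` after rflogin; the exit status is non-zero if any image could not be pulled, even when rfscan itself succeeded on the rest.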
Step 4: View Scan Reports
When more than one image is scanned, rfscan generates, in addition to the per-image SBOM and vulnerabilities reports, a unique SBOM report and a unique vulnerabilities report that aggregate every distinct package and vulnerability found across the batch. The reports produced for a batch scan are:
- Scan Summary
- Per-Image SBOM Reports
- Per-Image Vulnerabilities Reports
- Estimates Report
- Unique SBOM Report
- Comparison SBOM Report
- Unique Vulnerabilities Report
- Images and Images Scanned Reports
Your scan summary report may differ slightly from the example (the POC figures count vulnerabilities that have a published proof-of-concept exploit):
SCAN SUMMARY
-------------------------------------------------------------------------------
Total # of Images Scanned: 3
Total Attack Surface: 338.6 MB
Total # of Packages: 270
Total # of Vulnerabilities: 361
  POC: 13
  Critical: 33
  High: 137
  Medium: 146
  Low: 42
Total # of Vulnerabilities with Patches: 8
-------------------------------------------------------------------------------
IMAGE DETAILS
-------------------------------------------------------------------------------
Image                Attack Surface  Hardened Estimate  Vulnerabilities  Hardened Estimate
docker.io/debian:9   100.6 MB        ~4.1 MB            192 (POC: 9)     ~31
docker.io/debian:10  114.1 MB        ~4.9 MB            109 (POC: 4)     ~18
docker.io/debian:11  123.9 MB        ~5.4 MB            60 (POC: 0)      ~10
-------------------------------------------------------------------------------
POC ATTACK RISK SUMMARY
--------------------------------------------------------------------------------
POC Published
  Severity: Critical
    No vulnerabilities found
  Severity: High
    CVE-2019-3844 docker.io/debian:10
    CVE-2019-3843 docker.io/debian:10
    CVE-2018-1000001 docker.io/debian:9
    CVE-2017-18078 docker.io/debian:9
    CVE-2019-3843 docker.io/debian:9
    CVE-2019-3844 docker.io/debian:9
Rapid Risk Score >= 70.0%
  Severity: Critical
    CVE-2021-35942 docker.io/debian:10
    CVE-2019-9893 docker.io/debian:10
    CVE-2021-35942 docker.io/debian:9
  Severity: High
    CVE-2019-3844 docker.io/debian:10
    CVE-2021-43396 docker.io/debian:11
    CVE-2020-6096 docker.io/debian:10
    CVE-2019-3843 docker.io/debian:10
    CVE-2018-1000001 docker.io/debian:9
    CVE-2017-18078 docker.io/debian:9
    CVE-2021-39537 docker.io/debian:10
    CVE-2019-3843 docker.io/debian:9
    CVE-2020-6096 docker.io/debian:9
    CVE-2021-39537 docker.io/debian:11
    CVE-2021-39537 docker.io/debian:9
    CVE-2019-3844 docker.io/debian:9
--------------------------------------------------------------------------------
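A parser for the summary above, added as an example; it is not RapidFort's own tooling. It extracts the IMAGE DETAILS rows and the CVEs listed under POC Published, and fails a CI job when any image carries a High or Critical vulnerability with a published proof of concept, which is the subset of the summary most worth blocking a deploy on. The line layout it matches is the one shown above; that rfscan prints exactly this text is an assumption, so adjust the regexes if your output differs. The embedded SAMPLE is the tutorial's example, trimmed to the sections the gate reads.

```python
"""Gate a CI job on an rfscan batch scan summary.

Added example, not RapidFort's own tooling. It parses the plain-text SCAN
SUMMARY in the layout the tutorial shows and fails when any image carries a
High or Critical vulnerability with a published proof of concept. That
rfscan prints exactly this layout is an assumption; adjust the regexes if
your version differs. SAMPLE is the tutorial's example, trimmed to the
sections the gate reads; leading whitespace on each line is ignored.
"""
import re
import sys
from dataclasses import dataclass, field

SAMPLE = """\
IMAGE DETAILS
-------------------------------------------------------------------------------
Image                Attack Surface  Hardened Estimate  Vulnerabilities  Hardened Estimate
docker.io/debian:9   100.6 MB        ~4.1 MB            192 (POC: 9)     ~31
docker.io/debian:10  114.1 MB        ~4.9 MB            109 (POC: 4)     ~18
docker.io/debian:11  123.9 MB        ~5.4 MB            60 (POC: 0)      ~10
-------------------------------------------------------------------------------
POC ATTACK RISK SUMMARY
--------------------------------------------------------------------------------
POC Published
  Severity: Critical
    No vulnerabilities found
  Severity: High
    CVE-2019-3844 docker.io/debian:10
    CVE-2019-3843 docker.io/debian:10
    CVE-2018-1000001 docker.io/debian:9
    CVE-2017-18078 docker.io/debian:9
    CVE-2019-3843 docker.io/debian:9
    CVE-2019-3844 docker.io/debian:9
Rapid Risk Score >= 70.0%
  Severity: High
    CVE-2021-43396 docker.io/debian:11
"""

# IMAGE DETAILS row: image, attack surface, hardened estimate, "N (POC: n)", hardened estimate.
ROW_RE = re.compile(r"^(\S+)\s+([\d.]+ [KMG]B)\s+~([\d.]+ [KMG]B)\s+(\d+) \(POC: (\d+)\)\s+~(\d+)$")
SEV_RE = re.compile(r"^Severity: (\w+)$")
CVE_RE = re.compile(r"^(CVE-\d{4}-\d{4,})\s+(\S+)$")


@dataclass
class ImageResult:
    image: str
    attack_surface: str
    vulns: int
    poc: int  # POC count from the IMAGE DETAILS row
    poc_published: dict = field(default_factory=dict)  # severity -> [CVE, ...]


def parse_summary(text: str) -> dict:
    """Map image reference -> ImageResult for every image in the summary."""
    images = {}
    section = None  # "poc" inside POC Published, "rrs" inside Rapid Risk Score
    severity = None
    for raw in text.splitlines():
        line = raw.strip()
        if m := ROW_RE.match(line):
            images[m[1]] = ImageResult(m[1], m[2], int(m[4]), int(m[5]))
        elif line == "POC Published":
            section = "poc"
        elif line.startswith("Rapid Risk Score"):
            section = "rrs"
        elif m := SEV_RE.match(line):
            severity = m[1]
        elif (m := CVE_RE.match(line)) and section == "poc":
            # Only PoC-published CVEs are collected; an image named here but
            # missing from IMAGE DETAILS still gets an entry instead of a KeyError.
            entry = images.setdefault(m[2], ImageResult(m[2], "?", 0, 0))
            entry.poc_published.setdefault(severity, []).append(m[1])
    return images


def gate(images: dict, block=("Critical", "High")) -> list:
    """One failure line per (image, severity) with PoC-published CVEs; empty means pass."""
    failures = []
    for img in images.values():
        for sev in block:
            cves = sorted(set(img.poc_published.get(sev, [])))
            if cves:
                failures.append(f"{img.image}: {len(cves)} {sev} with published PoC: {', '.join(cves)}")
    return failures


if __name__ == "__main__":
    # `python gate.py -` reads a real summary from stdin; no argument runs the sample.
    text = sys.stdin.read() if sys.argv[1:] == ["-"] else SAMPLE
    problems = gate(parse_summary(text))
    print("\n".join(problems) or "batch passes PoC policy")
    sys.exit(1 if problems else 0)
```

On the sample, debian:9 and debian:10 fail (four and two High CVEs with a published PoC respectively) while debian:11 passes, matching the POC: 0 in its IMAGE DETAILS row; the gate deliberately keys on the listed CVEs rather than the row count, because the count also includes severities the POC Published section does not print.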
View the reports at:
- https://frontrow.rapidfort.com (SaaS)
- https://<rapidfort_ip address> (On-Premises)