False positives got you down? VEX works with Docker Scout to filter out false positives in security vulnerabilities. Learn how to get started with this powerful combo.
docker scout
Announcing Docker Scout Software Supply Chain Solution for Open Source Projects
Docker is now providing a free Docker Scout Team subscription to all Docker-Sponsored Open Source (DSOS) program participants.
How to Enhance Application Security Posture with Docker Scout Policies
Learn how Docker Scout policies can help development and security teams define and achieve an ideal application security posture for organizations.
Maximizing Software Development’s ROI: Forrester’s TEI Study of Docker Business
The recent Forrester Total Economic Impact™ (TEI) study underscores for us the measurable benefits experienced by Docker Business users, including accelerated development agility, reduced time-to-market, and substantial cost savings.
How JW Player Secured 300 Repos in an Hour with Docker Scout
For companies like JW Player, whose core business revolves around streaming, content, and infrastructure, security must be a priority without slowing down delivery or affecting operations. Learn how JW Player uses Docker to help meet such challenges, including how JW Player enabled more than 300 repositories for Docker Scout within just one hour.
Achieve Security and Compliance Goals with Policy Guardrails in Docker Scout
We show how Docker Scout policies enable teams to identify, prioritize, and fix their software quality issues at the point of creation.
Docker Desktop 4.25: Enhancements to Docker Desktop on Windows, Rosetta for Linux GA, and New Docker Scout Image Analysis Settings
The Docker Desktop 4.25 release supports the GA of Rosetta for Linux, a feature that furthers the speed and productivity that Docker Desktop brings. We’ve also optimized the installation experience on Windows and simplified Docker Scout image analysis settings in this latest Docker Desktop release.
Security Advisory: High Severity Curl Vulnerability
The maintainers of curl, the popular command-line tool and library for transferring data with URLs, released curl 8.4.0 on October 11, 2023. This version included a fix for two common vulnerabilities and exposures (CVEs), one of which the curl maintainers rate as “HIGH” severity and described as “probably the worst curl security flaw in a long time.” But you can use Docker Scout to check whether you’re using the curl library as a dependency in any of the container images in your organization.
Announcing Docker Scout GA: Actionable Insights for the Software Supply Chain
We are excited to announce that Docker Scout General Availability (GA) now allows developers to continuously evaluate container images against a set of out-of-the-box policies, aligned with software supply chain best practices. These new capabilities also include a full suite of integrations enabling you to attain visibility from development into production. These updates strengthen Docker Scout’s position as integral to the software supply chain.