Getting Started with Container Scanning

Container scanning helps ensure that the open source components that developers embed in their docker container meet basic security standards and do not introduce risk to the organization. SOOS Container scanning runs a proprietary, patented analysis engine which runs deep dependency analysis, license analysis, and vulnerability detection using our database of 84+ million packages.

Running a Container image scan is quick and easy, once you have an account you can run a local scan or setup your CI/CD, from there you can add additional configurations and integrations.

Use the Containers tab of the Integrations page to configure and run an Container scan using a script or CI/CD system.

Container scans will appear on your Developer Dashboad as projects. Project names can be specified using the Script or CI/CD integration. If the project name corresponds to an existing project, the scan indicator will be used to show all scan types for the project. See Projects for more details on determining and switching scan types for a project.

Want the technical details? Check out or GitHub Readme it has all the details you'll need. You can also browse the full source of our Container integration script under this same GitHub repo, if you're curious!

The SOOS Configuration System provides a highly flexible and overridable configuration system.

SOOS supports numerous Integrations, including Issue Management Integrations.