O'Reilly logo

Advanced Infrastructure Penetration Testing by Chiheb Chebbi

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Docker vulnerability static analysis with Clair

Clair is an open source project for the static analysis of vulnerabilities in Docker containers. It allows penetration testers to identify vulnerabilities in containers. You can find its official repository at https://github.com/coreos/clair.

The Clair project is composed of the following seven components, illustrated in the diagram:

  • Content detectors
  • Datastore
  • Vulnerability updaters
  • RESTful API
  • Notifiers
  • Clients
  • Vulnerabilities databases

To build a Dockernized environment, visit the official QUAY website https://quay.io/:

Complete your profile with the required information:

Create a new ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required