Scan container images for vulnerabilities in Azure Security Center
Posted on Monday, November 4, 2019
Azure Security Center can now scan container images in Azure Container Registry for vulnerabilities.
The image scanning works by parsing the container image file, then checking to see whether there are any known vulnerabilities (powered by Qualys).
The scan itself is automatically triggered when pushing new container images to Azure Container Registry. Found vulnerabilities will surface as Security Center recommendations and included in the Azure Secure Score together with information on how to patch them to reduce the attack surface they allowed.