Container Scanner

Scan your docker images with Meterian

All open source scanners are known to produce a certain amount of false positives. Meterian’s Container Scanner is specifically designed to address this flaw. It's a meta-scanner that integrates:

  • three open-source scanners engines

    • Dagda

    • Anchore

    • Clair

  • the Meterian proprietary container scanner

  • a final validation stage in the cloud

The final validation in the cloud, which is based on the Meterian curated NVD/MITRE database, minimises the occurrence of false positives. Moreover, the results from the Meterian meta-scanner include the full list of licences for each discovered component and the full upgrade path, where available. The Meterian scanner also offers pre-validated bindings to let customers add other non-open source scanners inside the cycle. This product is fully integrated into the Meterian product line and produces the same easy-to-read reports as any project scanned (see an example here)

The Meterian Container Scanner is a separate product from the standard Meterian Client and has to be licensed separately. The official documentation can be found on GitHub.