Docker discoveries

The Docker discoveries let you list the set of Docker images available from a registry, or pulled into an existing Docker deployment. The discovered Docker images can then be added to Cyberwatch with a grouped action for scanning.

Oracle Cloud Infrastructure Registry

Prerequisites

Oracle Cloud Infrastructure Registry (OCIR) discoveries need:

  • a user belonging to a group (named for example Cyberwatch) with a policy, defined on the root compartment, allowing listing and pulling the images from the OCIR repositories:

      Allow group Cyberwatch to read repos in tenancy

Once the credential set is created from the Stored credentials menu, you can create the Oracle Cloud Infrastructure Registry discovery by going to Discoveries, then clicking Add and Oracle Cloud Infrastructure Registry in the Docker images category.

Add the discovered Docker images

From the discovery assets list, you may see and filter the Docker images without any associated assets. To add them to Cyberwatch, pick the images you wish to scan and click Bulk actions > Scan as Docker images.

Newly discovered Docker images can be automatically added to Cyberwatch by enabling automatic registration from the discovery edition form.

The registry is automatically selected based on the name of the discovered image. For instance, the image example.com/library/hello would automatically use the registry example.com, provided it has been added as a stored credential. New registries are automatically added as stored credentials, and you can manually edit them if they require authentication. You may in certain contexts select a preferred registry, but it will only be selected when the registry in the name of the discovered image matches the entry point of the registry.

Back to top

English Français Español