Skip to content

dhi: add scanner integration #23952

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
craig-osterhout wants to merge 5 commits into
base: main
Choose a base branch
from
Open

dhi: add scanner integration #23952

craig-osterhout wants to merge 5 commits into from
+269 −145

Conversation

@craig-osterhout
Copy link
Contributor

@craig-osterhout craig-osterhout commented Jan 9, 2026
edited
Loading

Description

Added topic about scanner integrations and moved conceptual info from how to scan to that topic.
Refreshed how to scan and vex core concept topics.
Added wiz scan.

Related issues or tickets

ENGDOCS-3137

Reviews

  • Editorial review
  • Product review

@netlify
Copy link

netlify bot commented Jan 9, 2026
edited
Loading

Deploy Preview for docsdocker ready!

Name Link
🔨 Latest commit 645b2ee
🔍 Latest deploy log https://app.netlify.com/projects/docsdocker/deploys/696a8b00c3364d0008faafad
😎 Deploy Preview https://deploy-preview-23952--docsdocker.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@craig-osterhout
dhi: add scanner integration
90349ae 
Signed-off-by: Craig Osterhout <craig.osterhout@docker.com>
Bkblodget
Bkblodget reviewed Jan 13, 2026
View reviewed changes
Copy link

@Bkblodget Bkblodget left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

made a few suggestions, overall looks great!

@craig-osterhout
feedback1
c9ad286 
Signed-off-by: Craig Osterhout <craig.osterhout@docker.com>
@craig-osterhout
update wiz
425bfec 
Signed-off-by: Craig Osterhout <craig.osterhout@docker.com>
@craig-osterhout
lint fixes
10bf20f 
Signed-off-by: Craig Osterhout <craig.osterhout@docker.com>
@craig-osterhout craig-osterhout marked this pull request as ready for review January 16, 2026 18:54
@craig-osterhout craig-osterhout requested review from a team and Bkblodget January 16, 2026 18:54
@craig-osterhout
fix description
645b2ee 
Signed-off-by: Craig Osterhout <craig.osterhout@docker.com>
usha-mandya
usha-mandya reviewed Jan 23, 2026
View reviewed changes
content/manuals/dhi/explore/scanner-integrations.md

## Scanners with VEX support

The following are a few scanners that can read and apply the VEX attestations
Copy link
Member

@usha-mandya usha-mandya Jan 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How about "The following scanners can read and apply VEX attestations included with Docker Hardened Images to deliver more accurate vulnerability assessments:"

usha-mandya
usha-mandya reviewed Jan 23, 2026
View reviewed changes
content/manuals/dhi/explore/scanner-integrations.md

### Benefits of scanners with VEX support

Scanners that support open standards like OpenVEX and can read VEX attestations
Copy link
Member

@usha-mandya usha-mandya Jan 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggestion: Scanners that support open standards like OpenVEX and can interpret VEX attestations from Docker Hardened Images offer the following benefits:

usha-mandya
usha-mandya approved these changes Jan 23, 2026
View reviewed changes
Copy link
Member

@usha-mandya usha-mandya left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Left some minor suggestions. Looks good otherwise

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@usha-mandya usha-mandya usha-mandya approved these changes

@Bkblodget Bkblodget Awaiting requested review from Bkblodget

Assignees

No one assigned

Labels

area/dhi area/tests status/review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@craig-osterhout @Bkblodget @usha-mandya