Scout compass logo

Resolve security issues before they make it into production.
Now available in early access.

Security

Event-based container security monitoring

Docker Scout is a unified container security solution designed to help developers quickly identify and fix vulnerabilities in all repositories. This early access tool offers efficient image monitoring with a layer-by-layer view of image dependencies, vulnerabilities, and remediation paths.

Scout ui

Why Docker Scout?

Supply chain security for developers

Icon analyze scout

Analyze every image layer

Check your Docker image for vulnerabilities at every image layer, whether in the base image or the application code.

Icon risks scout

Prioritize risks by severity

Manage container vulnerabilities in each dependency by layer and prioritize by severity.

Icon threats scout

Tackle threats with speed

Act on alerts quickly with prioritized suggestions and automated remediation advice.

Icon improve scout

Improve your security status

Get a complete security posture for your organization through a dedicated web app.

 

Key Docker Scout features

Develop more securely

Icon terminal scout

Unified software analysis view

Scout simplifies the complex, making your direct and transitive dependencies clear across all layers. See all app dependencies in one view. Remediation is made easy by understanding your image composition.

Icon realtime scout

Real-time vulnerability updates

Always on the lookout for vulnerabilities, Scout correlates new CVEs with your image’s SBOM. Real-time updates keep you and your recommendations current for all of your repositories.

Icon contextual scout

Contextual remediation advice

Scout integrates wherever you use Docker, whether that’s in Docker Hub, Desktop, or the CLI. It’s all about making things easy, whether you’re updating your base image or the dependencies within your app code layers.

Docker Scout Pricing

Create your subscription by selecting the plan that best suits your needs.

Scout Free

Ideal for anybody looking to get started with software supply chain security

$0per month

Get started

Scout Team
Yearly

Ideal for development teams developing and maintaining multiple container images

$9per repo
per month

Buy now

Docker Scout Business

Ideal for commercial organizations who need visibility across all images and environments

Contact us

Contact us
Advanced image analysis
For local images Unlimited Unlimited Unlimited
For remote images Up to 3 repos Up to 100 repos Unlimited
SDLC integrations Up to 3 repos Up to 100 repos Unlimited
Security posture reporting Up to 3 repos Up to 100 repos Unlimited
Policy evaluation Coming soon Coming soon Coming soon

Scout Free

Ideal for anybody looking to get started with software supply chain security

$0per month

Get started
Advanced image analysis

For local images

Unlimited

For remote images

Up to 3 repos

SDLC integrations

Up to 3 repos

Security posture reporting

Up to 3 repos

Policy evaluation

Coming soon

Scout Team
Yearly

Ideal for development teams developing and maintaining multiple container images

$9per repo
per month

Buy now
Advanced image analysis

For local images

Unlimited

For remote images

Up to 100 repos

SDLC integrations

Up to 100 repos

Security posture reporting

Up to 100 repos

Policy evaluation

Coming soon

Scout Business

Ideal for commercial organizations who need visibility across all images and environments

Contact us

Contact us
Advanced image analysis

For local images

Unlimited

For remote images

Unlimited

SDLC integrations

Unlimited

Security posture reporting

Unlimited

Policy evaluation

Coming soon

Try Docker Scout

 

Already have Docker?

Start using Docker Scout for secure software development.

Use Scout today

Get started with Docker Scout and start developing more securely now.

Contact sales

FAQ

Who can enable Docker Scout for my organization?
You must be an admin for the organization to enable Scout.
If Docker Scout doesn’t scan, how does it work?

Scout ditches old-fashioned scheduled scans for a modern event-driven model. If a new vulnerability affecting your images is announced, Scout shows your updated risk within seconds. It’s always alert, updating vulnerability info from 17+ sources in real time. This data is compared with your Software Bill of Materials for up-to-the-minute accuracy.

You can also add your internal advisories to the mix, ensuring a comprehensive view of your security. So, with Scout, you’ll always be a step ahead, swiftly spotting and fixing vulnerabilities without the wait.

Will remediation suggestions change depending on which layer is vulnerable?
If your base image has a vulnerability, Scout will check for updates and patches to suggest how to replace the image. If vulnerabilities exist in other layers, Scout will reveal precisely where it was introduced and make recommendations accordingly.
How is Docker Scout using an SBOM?

An SBOM, or software bill of materials, is a list of ingredients that make up software components. Scout cross-references SBOMs with streaming CVE data to surface vulnerabilities (and potential remediation) as soon as possible.

What makes Docker Scout different from other tools?

While there are similarities and differences between all tools of this nature, Scout stands out by offering layered visibility into dependencies and remediation options built into existing developer workflows.

Can I still use other security tools, such as Snyk, with Docker?

Yes. Docker is committed to supporting developers and their favorite tools and will continue to offer flexible integration whenever possible. Some security tools provide Docker Extensions to make integration even more accessible.

Why do I need to log in to use Docker Scout?

Scout’s capabilities and data solutions are delivered as a service. To provide this service, we require users to authenticate. We also use this information to monitor usage and ensure organizations are licensed correctly.

What do I need to enable Docker Scout on remote images in registries?

Scout requires a Docker Hub organization. You can use Scout registries other than Docker Hub. Learn more about configuring Scout with your registries in the Scout documentation.

What is the difference between early access (EA) and generally available (GA)?

Early Access releases are new or enhanced features made available for users to test and provide feedback. Generally available (GA) product has completed all stages of development, testing, and feedback, and is considered ready for general use. More information on Docker’s product life cycles can be found here.

Pricing FAQ

Can I use Docker Scout on private images?

Scout features on Docker Desktop can analyze any private, local image. There are no usage limits for local use of Docker. For private, remote images, you’ll need a Docker Hub organization as well as a JFrog Artifactory account, if Artifactory is your primary registry. Each organization on the Docker Scout Free plan may enable 1 repo for Docker Scout.

What are Scout-enabled repos?

Any repo in Docker Hub can be enabled for Scout. Enabling a repo with Scout equips that repo with the full functionality of the service.  Scout also integrates with JFrog Artifactory repos. The sum total of your Docker Hub and Artifactory Scout-enabled repos counts towards the repo limit on the Free tier. For more information on enabling Scout for repos on Docker Hub and JFrog, see the Scout documentation.

What license terms are available?

Docker Scout subscriptions can be purchased on both an annual and monthly basis.

Which registries and CI/CD systems does Scout currently support?

Docker Scout can be enabled for the following:

Registries: Docker Hub and JFrog Artifactory
CI/CD Systems: GitHub Actions, GitHub Devops and Microsoft ADO

Any repo enabled for Scout counts towards the monthly repo allowance for your plan.