Help Center> Host Security Service (New)> User Guide> Asset Management> Container Management> Container Images> Local Images
Updated on 2024-01-16 GMT+08:00
View PDF

Local Images

You can manually scan local images for vulnerabilities and software information and provides scan reports. This section describes how to perform security scans on local images and view scan reports.

Constraints

  • Only the local images of the Docker engine can be reported to the HSS console.
  • Security scans can be performed only on Linux images.

Viewing Local Images

  1. Log in to the management console.
  2. In the upper left corner of the page, select a region, click , and choose Security & Compliance > HSS.
  3. In the navigation pane, choose Asset Management > Containers & Quota.
  4. Click the Container Images tab and click Local image.

    You can view the name, version, type, and security risks of an image.

    • Viewing information about servers associated with an image

      Locate the row that contains the target image and click the server name. The associated servers page is displayed. You can view details about the servers associated with the image.

    • Viewing information about containers associated with an image

      Locate the row that contains the target image and click the number in the Associated Containers column. The Associated Containers page is displayed. You can view details about the containers associated with the image.

    • Viewing information about image components

      Locate the row that contains the target image and click the number in the Components column. The Components page is displayed. You can view details about image components.

Local Image Security Scans

You can choose all images, multiple images, or a single image and manually start a scan. The duration of a security scan depends on the scanned image size. Generally, scanning an image takes shorter than 3 minutes. After the scan is complete, click View Report to check the report.

The following security scan items are supported for local images:

Scan Item

Description

Vulnerability

Detects vulnerabilities in images.

Installed software

Collects software information in an image.
  1. Log in to the management console and go to the HSS page.
  2. In the navigation pane, choose Asset Management > Containers & Quota.
  3. Click the Container Images tab and click Local image.
  4. Performs a security scan for a single image or multiple images.

    • Single image security scan

      In the Operation column of the target image, click Scan to perform security scan.

    • Batch image security scan

      Select all target images and click Scan above the image list to perform security scan for multiple target images.

    • Full image security scan

      Click Scan All above the image list to perform a security scan for all images.

  5. In the displayed dialog box, click OK to start the scan job.

    After a full scan task is started, you can move the cursor over the gray Scan All button to view the scan progress.

  6. The image security scan is complete, when the Scan Status changes to Completed and the Latest Scan Completed shows the latest task execution time.

Viewing Local Image Vulnerability Reports and Software Information

  1. Log in to the management console and go to the HSS page.
  2. In the navigation pane, choose Asset Management > Containers & Quota.
  3. Click the Container Images tab and click Local image.
  4. In the Operation column of the target image, click View Report. On the displayed page, view vulnerability reports and software information.
  5. Click View Report in the Operation column of the target image to view the basic information, vulnerability report, and software information about the image.

    Figure 1 Viewing local image basic information

Exporting Local Image Vulnerability Reports

  1. Log in to the management console and go to the HSS page.
  1. In the navigation pane, choose Asset Management > Containers & Quota.
  2. Click the Container Images tab and click Local image.
  3. Click Export Vulnerability above the image list.

    If you want to export the vulnerability report of a specified image, select the image type in the search box and click Export Vulnerability.

  4. View the export status in the upper part of the container management page. After the export is successful, obtain the exported information from the default file download address on the local host.

    Do not close the browser page during the export. Otherwise, the export task will be interrupted.

Parent topic: Container Images