As containers gain attention and traction for both development and operational purposes, it becomes increasingly important to monitor the security of running containers. To make it simple to scan Docker and Rkt images based on Oracle Linux, we have added Oracle Linux support to both Clair and Vuls in their upstream projects.
"Vulnerability data is continuously imported from a known set of sources and correlated with the indexed contents of container images in order to produce lists of vulnerabilities that threaten a container. When vulnerability data changes upstream, the previous state and new state of the vulnerability along with the images they affect can be sent via webhook to a configured endpoint. All major components can be customized programmatically at compile-time without forking the project."
Clair is most visible in the integrated, automated scanning provided by CoreOS' public registry, Quay.io. Clair is also integrated into CoreOS' Quay Enterprise product. Both support Oracle Linux as a scanning target and will report vulnerabilities detected in uploaded images.
Vuls (VULnerability Scanner) is an open source scanner written in Go. It's designed to scan images on a Linux or FreeBSD host and supports several target operating systems including Oracle Linux, Ubuntu, Debian, CentOS, Amazon Linux, Red Hat Enterprise Linux, FreeBSD and Raspbian.
Vuls is an agentless scanner that requires only a single host configured with SSH access to all target machines. It includes a text-based report viewer and can provide reporting to web-based engines like VulsRepo.
As these are third-party products, no support is provided by Oracle for any of the products mentioned in this article. If you have any issues with the Oracle Linux integration for one of these products, please open an issue with the product directly via their GitHub repository.