Tools compared: Docker security scanner
Finding the right tool for the job can be difficult task. This sheet compares Clair, Docker Bench for Security, Dockerscan and Lynis.
| Clair | Docker Bench for Security | Dockerscan | Lynis | |
|---|---|---|---|---|
| Description | Clair is an open source container analyzer. It performs static analysis of container images and correlates their contents with public vulnerability databases. | Docker Bench for Security is a small security scanner to perform several tests that are part of the Docker CIS benchmark. | Dockerscan is a Docker toolkit for security analysis which includes attacking tools. It is more focused on side of the offensive than defensive. | Lynis is a security auditing tool for systems running Linux, macOS, or Unix. It can be used for security assessments and configuration audits. |
| Dependencies | booby-ng, click, colorlog, ndg-httpsclient, pyasn1, pyOpenSSL, Python 3, python-dxf, requests | |||
| Strenghts | The source code of this software is available | More than 25 contributors, Screen output is colored, More than 3000 GitHub stars, The source code of this software is available | More than 500 GitHub stars, The source code of this software is available | More than 50 contributors, Commercial support available, More than 4000 GitHub stars, Used language is shell script, Very low number of dependencies, Project is mature (10+ years), The source code of this software is available |
| Weaknesses | ||||
| Programming language(s) | Golang | Shell script | Python | Shell script |
| Last release | 2.1.1 (2019-11-12) | 1.3.5 (2019-11-05) | Unknown | 2.7.5 (2019-06-24) |
| Tool page (last updated) | 2019-11-13 | 2019-11-07 | 2017-09-17 | 2019-06-25 |
| Tool score | 78 | 85 | 64 | 100 |
| Download | ||||
| More information |