Vulnerability Host Scanner

This page describes how to install the Sysdig Vulnerability Host Scanner on non-Kubernetes hosts using containers. This Host Scanner is used to scan for vulnerabilities on hosts, in addition to the default runtime scanner on containers.



Run the following Docker command to deploy the Sysdig Host Scanning container:

docker run --detach -e HOST_FS_MOUNT_PATH=/host -e SYSDIG_ACCESS_KEY=<access-key> -e SYSDIG_API_URL=<sysdig-secure-endpoint> -e SCAN_ON_START=true -v /:/host:ro -v /var/run:/host/var/run:ro --uts=host --net=host$(curl -L -s

This command downloads and starts the Sysdig Host Scanning container.

  • Replace with your agent access key, and with the URL for your Sysdig Secure endpoint by region.

Once the container is running, the scanner will begin scanning your host for vulnerabilities and providing security recommendations. You can view the results in the Sysdig Secure UI within 12 hours of installation as scans are refreshed every 12 hours.

Option: Scan for Containers

You can extend the host scanner to scan for containers such as Docker and Podman.

See Container Scanning for details.

Next Steps

Use the Vuln Host Scanner in the Sysdig Secure UI