Registry
Registries are a fundamental stage in the lifecycle of container images. Container registries accumulate large amounts of images, some of which are obsolete or no longer suitable for runtime, and registry scanning provides the necessary security to avoid degradation of the posture.
- Sysdig’s Vulnerability Management cycle and the benefits of scanning in all three phases
Prerequisites
Install and configure the registry scanner on various private registries. For information, see: Install Container Registry Scanning
Registry Scanning Results
Landing Page
Ensure that the registry scanner is installed and at least one scheduled scan job is completed.
Log in to Sysdig Secure and go to
Vulnerabilities|Registry
Landing Page to see the overview of all registries where a scanner is installed.The interface mirrors the pipeline and runtime interfaces where you can:
- Browse or search registries or repos.
- Search by image or tag.
- Review detected vulns by severity and exploit status.
Select an image to access the detail panels.
Detail Panels
Overview Tab
This section focuses on the package view and filters for those that are fixable. You can click on the cells to view the Vulnerabilities list.
Vulnerabilities Tab
Use the expanded filters and clickable list of CVEs to view complete CVE details, including source data and fix information.
The same security finding (for example, a particular vulnerability) can be present in more than one rule violation table if it violates several rules.
Suggested Usage
Use the filters to find, for example, vulnerabilties with:
Severity Critical
, Has Fix, Exploitable
Content Tab
You can view data organized by package view, with expanded filters and clickable CVE cells.
Suggested Usage
Check for the software packages that are most dangerous.
Accept Risk: Registry
In this release of Registry Scanner, Policies and Accept Risk are not yet implemented.
Next Steps
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.