Scan vulnerabilities
Log in to the Marketplace to access vulnerability and SBOM reports from an intuitive dashboard.
- Testnet
- Mainnet
⚠️ Status: Limited support
Existing machines and deployments will continue to operate. Look out for the transition to Mainnet.
🚧 Status: Coming soon
Overview
The NopeOps Marketplace Dashboard provides an integrated vulnerability scanner to allow you to verify the integrity of:
- 🚧 Codebases / repositories
- Public Docker images (including Marketplace templates)
Prerequisites
- Marketplace account
- For recurring scans, a registered email
- Publicly-available resource to assess
Scan for vulnerabilities with Security Hub
This guide supports you to understand how to scan for vulnerabilities with the NodeOps Marketplace Security Hub. Use the video or steps to understand the flow.
Step 1: Access the tool
Logged in from your account, navigate the left hand menu to Security Hub.
Show me
Step 2: Scan your resource
- Click Upload for Scanning.
Show me
- Enter a publicly-available Docker image name and choose scan type:
- Vulnerability
- SBOM
Show me
- (Optional) Click Enable Recurring Scan. This requires that you have an email linked to your Marketplace account to receive alerts on.
Step 3: Review the analysis
You may view the scan's progress by clicking the resource name.
Show me
- Once the scan is complete, click the resource name to view a summary.
Reload the page if necessary.
Show me
- Click the summary block to deep dive into the scan details.
Show me
Congratulations: you can now deep-dive into the vulnerabilites identified by the scanner.
What next?
- Follow the User Guide to manage your scans
- To test an OWASP-issued Docker image of an app with known vulnerabilities, consider scanning
bkimminich/juice-shop - Set up your Cloud infrastructure using NodeOps Network's Marketplace
- Learn more about the Security Hub