Scan Vulnerabilities
- Testnet
- Mainnet
🌟 Status: Live for Docker Images
🚧 Status: Coming soon
Overview​
The NopeOps Marketplace Dashboard provides an integrated vulnerability scanner to allow you to verify the integrity of:
- 🚧 Codebases / repositories
- Public Docker Images
- 🚧 Templates
Under the hood, open source security scanners such as Trivy search for vulnerabilities and misconfigurations.
Prerequisites​
- Marketplace account
- Publicly available resource to assess
Scan for vulnerabilities with NodeOps scanner tool​
This guide supports you to understand how to scan for vulnerabilities with the NodeOps Marketplace scanner tool. Use the video or steps to understand the flow.
Step 1: Access the tool​
Logged in from your account, navigate the left hand menu to Scan Vulnerability and click Upload for scanning.
Show me
Step 2: Scan your resource​
- Enter the resource name and click Request Scan.
Show me
- You may view the scan's progress by clicking the resource name.
Show me
Step 3: Review the analysis​
- Once the scan is complete, click on the resource name to view a summary.
Reload the page if necessary.
Show me
- Click on the summary block to deep dive into the scan details.
Show me
Congratulations! You can now deep-dive into the vulnerabilites identified by the scanner.
What next?​
- Consider downloading the report for your scan using the Download Report button
- If you want to test an OWASP-issued Docker image of an app with known vulnerabilities, consider scanning
bkimminich/juice-shop - Set up your Cloud Infrastructure using NodeOps Network's Marketplace