> ## Documentation Index
> Fetch the complete documentation index at: https://docs.cybedefend.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Start a public container scan

> Initiates a container image vulnerability scan for a public Docker image.



## OpenAPI

````yaml post /project/{projectId}/scan/container/start
openapi: 3.0.0
info:
  title: Cybedefend API
  description: >-
    CybeDefend is an advanced API for application security analysis. Key
    features include OAuth 2.0 authentication, user/organization/project
    management, and REBAC-based permissions. It excels in static, dynamic, and
    IaC security analyses (SAST, DAST, IaC, etc.).
  version: '1.0'
  contact: {}
servers:
  - url: https://api-eu.cybedefend.com
    description: EU
  - url: https://api-us.cybedefend.com
    description: US
security: []
tags: []
paths:
  /project/{projectId}/scan/container/start:
    post:
      tags:
        - Scan
      summary: Start a public container scan
      description: >-
        Initiates a container image vulnerability scan for a public Docker
        image.
      operationId: ScanController_startContainerScan
      parameters:
        - name: projectId
          required: true
          in: path
          description: The unique identifier of the project to scan
          schema:
            format: uuid
            example: 550e8400-e29b-41d4-a716-446655440000
            type: string
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/StartContainerScanBodyDto'
      responses:
        '200':
          description: Container scan initiated successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/StartScanResponseDto'
        '400':
          description: Bad Request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorDto'
        '401':
          description: Unauthorized
          content:
            application/json:
              schema:
                example:
                  message: Unauthorized
                  statusCode: 401
                  timestamp: '2025-02-18T12:31:18.491Z'
                  path: /example/path
        '403':
          description: Forbidden
          content:
            application/json:
              schema:
                example:
                  message: Forbidden
                  statusCode: 403
                  timestamp: '2025-02-18T12:31:18.491Z'
                  path: /example/path
components:
  schemas:
    StartContainerScanBodyDto:
      type: object
      properties:
        imageToScan:
          type: string
          description: >-
            The public Docker image to scan (e.g., "alpine:latest",
            "node:18-alpine")
          example: node:18-alpine
        branch:
          type: string
          description: Branch name for tracking purposes
          example: main
        vulnerabilityTypes:
          description: Types of vulnerabilities to look for.
          example:
            - CRITICAL
            - HIGH
          type: array
          items:
            type: string
        sourceType:
          type: string
          description: >-
            Source type of the scan (manual, cli, github, gitlab). Defaults to
            manual if not provided.
          example: manual
          enum:
            - manual
            - cli
            - github
            - gitlab
            - jetbrains
            - vscode
          default: manual
      required:
        - imageToScan
    StartScanResponseDto:
      type: object
      properties:
        success:
          type: boolean
          description: Whether the scan started successfully
        message:
          type: string
          description: Message describing the scan start result
        scanId:
          type: string
          description: The unique identifier of the created scan
        detectedLanguages:
          description: Detected languages (if any) during scan initialization
          type: array
          items:
            type: string
      required:
        - success
        - message
    ErrorDto:
      type: object
      properties:
        timestamp:
          type: string
          example: '2025-02-18T12:31:18.491Z'
          description: Timestamp of the error
        service:
          type: string
          example: AiService
          description: Name of the service where the error occurred
        method:
          type: string
          example: startConversation
          description: Method name where the error occurred
        message:
          type: string
          example: Invalid parameters provided
          description: Error message
        code:
          type: number
          example: 400
          description: HTTP status code
          minimum: 100
          maximum: 599
      required:
        - timestamp
        - service
        - method
        - message
        - code

````