Skip to main content
Docker Hub is the default registry for Docker containers and hosts millions of public images. CybeDefend’s Docker Hub integration allows you to scan any public image for vulnerabilities without requiring authentication or special configuration.
Docker Hub Integration

Features

  • Public Image Access: Scan any publicly available image from Docker Hub
  • Official Images: Access to Docker’s official maintained images
  • Community Images: Scan community-contributed containers
  • No Authentication Required: Direct access to public repositories
  • Tag Support: Scan specific versions or latest tags

How to Scan Docker Hub Images

1

Select Docker Hub

Choose Docker Hub as your image source in the container scanning interface
2

Enter Image Details

Specify the image name and tag (e.g., nginx:latest, node:18-alpine)
3

Initiate Scan

Click scan to pull and analyze the container image
4

Review Results

Access detailed vulnerability reports for the scanned image

Image Naming Convention

When scanning Docker Hub images, use the standard naming format:
  • Official Images: image:tag (e.g., nginx:latest)
  • User Images: username/image:tag (e.g., library/hello-world)
  • Organization Images: organization/image:tag

Best Practices

  1. Regular Scanning: Scan base images regularly as new vulnerabilities are discovered
  2. Tag Specificity: Use specific version tags instead of latest for reproducible builds
  3. Layer Analysis: Review which layers introduce vulnerabilities
  4. Alternative Images: Consider using Alpine-based images for smaller attack surfaces
Docker Hub has rate limits for anonymous pulls. For high-volume scanning, consider using authenticated access or Docker Hub Pro accounts.
Related: Container Image Scanning · Registry Integrations · Scan Parameters
I