How to Scan Your Artifacts (Docker Image)

This guide will walk you through the process of performing an on-demand Artifact scan for your projects.

Step 1: Start a New Scan

  1. After logging into the application, you will see the main dashboard.
  2. Click the Scan Now button located in the top-right corner of the screen.

Step 2: Select Scan Type and Add a Project

  1. On the “On Demand Scanning” page, select Artifact Scan from the options on the left.
  2. Click the + Add Project button on the right side of the screen.

Step 3: Configure Your Project

You will now see the “Create Project” form. Fill out the following fields to configure your scan:

  1. Name: Enter a descriptive name for your project so you can easily identify it later.
  2. Team: Select default.
  3. Platform: Choose your Artifact hosting platform from the dropdown menu (e.g., DockerHub).
  4. Scan Type: Leave as Default (Artifact Scan).
  5. Account: Select the Default Docker account.
  6. Organization / Workspace: Enter the name of the Docker Hub organization or workspace you wish to scan.
  7. Scan Level:
    • Choose Repository to scan a single, specific repository.
    • Choose Organization/Workspace to scan all repositories within the specified organization.
  8. Repo / Project:
    • If you have selected “Repository” as the Scan Level, choose the specific repository from this dropdown.
    • This will default to “All” if you are scanning an entire organization.
  9. Tag: Enter the tag you want to scan (e.g., latest).
  10. Tag Pattern: If you chose to use a pattern in the previous step, enter the tag name or pattern here (e.g., entering “production” will scan all tags containing that word).
  11. Scan Up To: Set a numerical limit for the maximum number of tags to be scanned.
  12. Schedule an Auto Scan: Optionally, you can set a schedule for the project to be re-scanned automatically (e.g., every 30 days). This ensures your results stay up-to-date as your code changes.

Step 4: Save and Start Scanning

Once you have filled out all the necessary fields, click the Save button in the bottom-right corner. Your project will be added to the queue and the scan will begin.

Reviewing Your Results:


Image License Report:


Image Secret Report:


Image SBOM:
