The container image scan feature of Security Center detects and identifies both historical and the latest vulnerabilities in container images, and provides suggestions on vulnerability fixes. It provides you with end-to-end vulnerability management capabilities that make image vulnerability fixes easier.
Only the Enterprise and Ultimate editions of Security Center support this feature. If you do not use these editions, you must upgrade Security Center to the Enterprise or Ultimate edition before you can use this feature. For more information about how to purchase and upgrade Security Center, see Purchase Security Center and Upgrade and downgrade Security Center. For more information about the features that each edition supports, see Features.
Only the Container Registry instances of the Enterprise edition in the following regions support the container image scan feature: China (Hangzhou), China (Shanghai), China (Beijing), China (Shenzhen), and Singapore (Singapore).
Items that can detected
|Image system vulnerability||Supported||Not supported||We recommend that you fix image system vulnerabilities at the earliest opportunity based on the fixing commands and impact descriptions provided by Security Center.|
|Image application vulnerability||Supported||Not supported||We recommend that you fix image application vulnerabilities at the earliest opportunity based on the fixing commands and impact descriptions provided by Security Center.|
|Malicious image sample||Supported||Not supported||We recommend that you handle malicious file samples at the earliest opportunity based on the information provided by Security Center. The information includes paths to malicious files.|