To use the feature of container image scan, you must purchase and enable this feature. This topic describes how to purchase and enable container image scan.

Background information

Container image scan is a value-added service provided by Security Center and must be separately purchased. Only users of the Advanced,Enterprise, Ultimate, and Value-added Plan editions can purchase container image scan. If you use this feature, you are charged based on the number of times images are scanned and the number of scanned images. The fee per scan for each image is USD 0.3.

Note Users of the Basic edition can upgrade Security Center to the Advanced, Enterprise, Ultimate, or Value-added Plan edition to purchase container image scan. Users of the Anti-virus edition can upgrade Security Center to the Advanced, Enterprise, or Ultimate edition to purchase container image scan.

Procedure for users of Security Center Basic

  1. Log on to the Security Center console.
  2. In the left-side navigation pane, choose Precaution > Image Security.
  3. On the page that appears, click Immediate purchase.
  4. Click Buy Advanced, Buy Enterprise, or Buy Ultimate Edition.
    In addition to all the features that the Enterprise edition supports, the Ultimate edition also supports Radar, threat detection for Kubernetes containers, and threat detection during container runtime. If you have high requirements for container security, we recommend that you click Buy Ultimate Edition. For more information about the features that each edition supports, see Features.
  5. After you click Buy Advanced, Buy Enterprise, or Buy Ultimate Edition, configure the parameters, including Container Image Scan.
    We recommend that you set Container Image Scan to the number of images for which you want to detect container vulnerabilities during the subscription period. Security Center identifies an image based on a unique digest value. If the digest value of an image does not change, the quota specified by Container Image Scan is deducted by one only for the first scan. If the digest value of an image changes, the quota specified by Container Image Scan is deducted by one each time the digest value changes. For example, if you want to scan 10 images and the total number of times the digest values of the images change is expected to be 20 within the subscription period, set Container Image Scan to 30. This indicates that the value of Container Image Scan equals the number of images you want to scan plus the number of times the digest values change.

    References:

    • For more information about the billing details, see Billing.
    • For more information about how to configure the parameters on the buy page, see Purchase Security Center.
    Note If you want to use only container image scan of Security Center, you can set Edition to Value-added Plan and Container Image Scan to an appropriate value.
  6. Click Buy Now and complete the payment.

Procedure for users of all paid editions

If you use the Anti-virus edition and want to enable container image scan, upgrade Security Center to the Advanced, Enterprise, or Ultimate edition and specify Container Image Scan. If you use the Advanced, Enterprise, or Ultimate edition and want to enable container image scan, specify Container Image Scan. For more information, see Upgrade and downgrade Security Center.