Version: v2.4

Scanning Registries

You can scan for vulnerabilities in images stored in AWS ECR, Azure Container Registry, Google Cloud Container Registry, Docker Hub, Docker Self-Hosted Private Registry, Quay, Harbor, Gitlab and JFrog from the registry scanning dashboard.

Supported Registries

Add Registries

Select the appropriate registry type, and + Add Registry. The credentials for each registry depends on the registry type; for example, to connect to a DockerHub Registry, use the following details:

DockerHub

ThreatMapper will index the artifacts in the Registry. You can scan them manually, and you can define a periodic schedule to scan. Results can be found on the Vulnerabilities report, and will be raised through any configured notifications.

Scan Results

More detailed instructions are as follows:

📄️ AWS ECR

You can add your private and public ECR repositories to ThreatMapper to scan for vulnerabilities, secrets and malwares.

Add Registries​

📄️ AWS ECR

Add Registries