Software supply chain, simplified
Now in General Availability
Security
Actionable insights for software supply chain management
Docker Scout generates signals across the software supply chain that inform improved development workflows. Developers are guided by contextual recommendations right where they work, leveraging data collected from a wide range of integrations.
Analyze
Docker Scout offers developers analysis and context into components, libraries, tools, and processes, resulting in increased transparency of the software supply chain.
Remediate
Docker Scout guides users toward smarter development decisions through context-aware recommendations, enabling developers to efficiently build applications with reliability and security in place from the start.
Evaluate
Docker Scout detects, highlights, and suggests corrections based on relevant changes in state or deviation of policies. Application security is ensured by providing suggestions to tackle security concerns before they hit production.
Key Docker Scout features
Build with reliability and security in place from the start
Trusted content
Track the life cycle of software artifacts built on trusted content, including Docker Official Images, Docker Verified Publishers, and Docker-Sponsored Open Source, which form the foundation for reliable and secure software applications.
Centralized view
Operate from one view of centralized insights, for visibility and control over all of the information in the software development process from the software design phase into production.
Recommended workflows
Build faster and more reliable applications through context-aware recommendations embedded into common developer workflows, all while improving application security posture and ensuring compliance with internal security requirements.
Docker Scout pricing
Create your subscription by selecting the plan that best suits your needs.
Scout FreeIdeal for anybody looking to get started with software supply chain security$0per monthGet started |
Scout Team
Ideal for mid-size development teams with fewer than 100 container image repositories
Yearly
$12per repo
|
Scout BusinessIdeal for large organizations that need visibility across 100+ container image repositoriesContact usContact us |
|
|---|---|---|---|
| Advanced image analysis | |||
| For local images | Unlimited | Unlimited | Unlimited |
| For remote images | Up to 3 repos | $9 per repo per month |
Contact sales for bulk pricing |
| SDLC integrations | Up to 3 repos | $9 per repo per month |
Contact sales for bulk pricing |
| Security posture reporting | Up to 3 repos | $9 per repo per month |
Contact sales for bulk pricing |
| Policy evaluation | Up to 3 repos | $9 per repo per month |
Contact sales for bulk pricing |
Scout FreeIdeal for anybody looking to get started with software supply chain security$0per monthGet started |
|---|
| Advanced image analysis |
|
For local images Unlimited |
|
For remote images Up to 3 repos |
|
SDLC integrations Up to 3 repos |
|
Security posture reporting Up to 3 repos |
|
Policy evaluation Up to 3 repos |
Scout Team
Ideal for mid-size development teams with fewer than 100 container image repositories
Yearly
$12per repo
|
| Advanced image analysis |
|
For local images Unlimited |
|
For remote images $9 per repo |
|
SDLC integrations $9 per repo |
|
Security posture reporting $9 per repo |
|
Policy evaluation $9 per repo |
Scout BusinessIdeal for large organizations that need visibility across 100+ container image repositoriesContact usContact us |
| Advanced image analysis |
|
For local images Unlimited |
|
For remote images Contact sales for bulk pricing |
|
SDLC integrations Contact sales for bulk pricing |
|
Security posture reporting Contact sales for bulk pricing |
|
Policy evaluation Contact sales for bulk pricing |
Try Docker Scout
Already have Docker?
Start using Docker Scout to manage your software supply chain.
Use Scout today
Get started with Docker Scout and generate actionable insights across the software supply chain.
Contact sales
FAQ
Who can enable Docker Scout for my organization?
Will remediation suggestions change depending on which layer is vulnerable?
How is Docker Scout using an SBOM?
What makes Docker Scout different from other tools?
Competitors, if they offer remediation guidance at all, miss the mark on their limited scope of application security posture within the software supply chain, and often limited guidance when it comes to suggested fixes. Competitors have either limitations on runtime monitoring or no runtime protection at all. When they do offer runtime monitoring, it’s limited in its adherence to key policies. Competitors offer a limited scope on policy evaluation for Docker-specific builds.
Can I still use other security tools, such as Snyk, in tandem with Docker Scout?
What do I need to enable Docker Scout on remote images in Docker Hub, Amazon ECR, or JFrog Artifactory?
What do I need to enable Docker Scout on remote images in registries?
Pricing FAQ
Can I use Docker Scout on private images?
How are repos counted?
A repo is any repository that has been enabled to use Docker Scout. Docker Scout can be enabled in repos on Docker Hub. Docker Scout also includes integrations with other registries (JFrog Artifactory or Amazon ECR), CI/CD systems (GitHub Actions, GitLab DevOps, Microsoft ADO), and runtime monitoring (Sysdig).
What license terms are available?
Scout Team can be purchased on a monthly or annual basis; Scout Business can only be purchased on an annual basis.
Which registries and CI/CD systems does Scout currently support?
Docker Scout can be enabled for the following:
Registries: Docker Hub, JFrog Artifactory, Amazon ECR
CI/CD Systems: GitHub Actions, Gitlab, Jenkins, Microsoft ADO
Runtime monitoring: Sysdig
Any repo enabled for Docker Scout counts towards the monthly repo allowance for your plan.