Let's secure your containers
We support a number of different options when it comes to scanning and monitoring containers, we believe in making the whole process secure from pushing and merging your code to monitoring your apps.
And we want to make that so easy, its hard not to do it!
Scan your images in minutes
1. Download the tool manually or via the code below. Download
sudo wget https://phonito-public-artifacts.azureedge.net/scanner/phonito-scanner -O /usr/local/bin/phonito-scanner sudo chmod +x /usr/local/bin/phonito-scanner
2. You can then scan a container from the command line, making sure to either authenticate or providing the
PHONITO_API_TOKEN environment variable:
Logging into Phonito Security from the command line:
phonito-scanner --auth ? Email: firstname.lastname@example.org ? Password: *********** Success! Welcome To Phonito Security!
Alternatively, set the PHONITO_API_TOKEN environment variable (this can be useful for authenticating in automated environments):
export PHONITO_API_TOKEN="GET YOUR API TOKEN HERE https://phonito.io/setup" phonito-scanner -i image:tag
(Optional) Cause a build to fail by passing the
--fail-level option. This will cause a non zero status code if there is a vulnerability of the specified level or higher.
For example, if
--fail-level is set to "HIGH", any image that has a CRITICAL or HIGH vulnerability will fail.
phonito-scanner -i image:tag --fail-level HIGH
Copyright Phonito 2020