Let's secure your containers
Getting started
We support a number of different options when it comes to scanning and monitoring containers, we believe in making the whole process secure from pushing and merging your code to monitoring your apps.
And we want to make that so easy, its hard not to do it!
Scan your images in minutes
1. Download the tool manually or via the code below. Download
sudo wget https://phonito-public-artifacts.azureedge.net/scanner/phonito-scanner -O /usr/local/bin/phonito-scanner sudo chmod +x /usr/local/bin/phonito-scanner
2. You can then scan a container from the command line, making sure to either authenticate or providing the PHONITO_API_TOKEN
environment variable:
Logging into Phonito Security from the command line:
phonito-scanner --auth ? Email: example@email.com ? Password: *********** Success! Welcome To Phonito Security!
Alternatively, set the PHONITO_API_TOKEN environment variable (this can be useful for authenticating in automated environments):
export PHONITO_API_TOKEN="GET YOUR API TOKEN HERE https://phonito.io/setup" phonito-scanner -i image:tag
Example output:
(Optional) Cause a build to fail by passing the --fail-level
option. This will cause a non zero status code if there is a vulnerability of the specified level or higher.
For example, if --fail-level
is set to "HIGH", any image that has a CRITICAL or HIGH vulnerability will fail.
phonito-scanner -i image:tag --fail-level HIGH
Copyright Phonito 2021