Let's secure your containers

Getting started


We support a number of different options for scanning and monitoring containers. We believe in making the whole process secure, from pushing and merging your code to monitoring your apps.

And we want to make that so easy that it's hard not to do it!

  1. Manual scans
  2. GitHub Actions
  3. Azure DevOps
  4. Docker
  5. Docker Compose
  6. Kubernetes

Scan your images in minutes


1. Download the tool manually or via the commands below.

sudo wget https://phonito-public-artifacts.azureedge.net/scanner/phonito-scanner -O /usr/local/bin/phonito-scanner
sudo chmod +x /usr/local/bin/phonito-scanner

2. You can then scan a container from the command line, making sure to either authenticate or provide the PHONITO_API_TOKEN environment variable:


Logging into Phonito Security from the command line:

phonito-scanner --auth
? Email: example@email.com
? Password: ***********
Success! Welcome To Phonito Security!

Alternatively, set the PHONITO_API_TOKEN environment variable (this can be useful for authenticating in automated environments):

export PHONITO_API_TOKEN="GET YOUR API TOKEN HERE https://phonito.io/setup"
phonito-scanner -i image:tag

Example output:


(Optional) Cause a build to fail by passing the --fail-level option. The scanner then exits with a non-zero status code if there is a vulnerability of the specified level or higher. For example, if --fail-level is set to "HIGH", any image that has a CRITICAL or HIGH vulnerability will fail.

phonito-scanner -i image:tag --fail-level HIGH
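The token and --fail-level steps above, combined into a CI gate. This is an added example, not Phonito's own code: scan_gate, SCANNER_BIN and FAIL_LEVEL are hypothetical names introduced here, and only the -i and --fail-level flags come from this page. It goes beyond the single-image command by scanning a list of images and failing closed when the token or the scanner is missing.

```shell
#!/bin/sh
# Added example: CI gate around phonito-scanner (not Phonito's own script).
# SCANNER_BIN and FAIL_LEVEL are hypothetical variables introduced here;
# the flags -i and --fail-level are the ones shown on this page.
SCANNER_BIN="${SCANNER_BIN:-phonito-scanner}"
FAIL_LEVEL="${FAIL_LEVEL:-HIGH}"

# scan_gate IMAGE...
# Returns 0 only if every image scans clean at FAIL_LEVEL,
# 1 if any scan exits non-zero, 2 if the gate itself is misconfigured.
scan_gate() {
    # Fail closed: the token is expected to be injected by the CI secret
    # store, never hard-coded in the pipeline file or echoed to the log.
    if [ -z "${PHONITO_API_TOKEN:-}" ]; then
        echo "scan_gate: PHONITO_API_TOKEN is not set" >&2
        return 2
    fi
    if ! command -v "$SCANNER_BIN" >/dev/null 2>&1; then
        echo "scan_gate: scanner not found: $SCANNER_BIN" >&2
        return 2
    fi
    if [ "$#" -eq 0 ]; then
        echo "scan_gate: no images given" >&2
        return 2
    fi

    failed=0
    for image in "$@"; do
        # Keep scanning after a failure so one run reports every bad image.
        if "$SCANNER_BIN" -i "$image" --fail-level "$FAIL_LEVEL"; then
            echo "PASS $image" >&2
        else
            echo "FAIL $image (exit $?)" >&2
            failed=1
        fi
    done
    return "$failed"
}

# In a pipeline step (image names are placeholders):
#   scan_gate image:tag other-image:tag || exit 1
```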

Copyright Phonito 2019