Date Approved
12-15-2022
Graduate Degree Type
Project
Degree Name
Computer Information Systems (M.S.)
Degree Program
School of Computing and Information Systems
First Advisor
Xinli Wang
Academic Year
2022/2023
Abstract
The technology landscape for container adoption has greatly evolved over the years from the first known Unix U7 container concept introduced in 1979 to the most utilized docker container concept which emerged in 2013. Docker container image is essentially a lightweight, standalone executable software package with capabilities to run an application. It is important to know that container images become containers when deployed, and simultaneously docker container images become docker containers when deployed on Docker Engine. This project paper aims, evaluates, and presents a methodology useful in vulnerability scanning of docker container images and suggests possible fixes based on OWASP and CVE standards before being deployed or made live. Results from this project show the importance of utilizing Docker Container Registry mapped with continuous integration and continuous deployment (CI/CD) pipeline for early detection of vulnerabilities in a docker image to help eliminate or reduce enterprise/organization data or security breaches.
ScholarWorks Citation
Ohaeche, Joseph U., "Docker Container Image – Vulnerability Scanning" (2022). Culminating Experience Projects. 234.
https://scholarworks.gvsu.edu/gradprojects/234
