Please have a look at my project.
I think many developers may want to use this tool to scan their image.
Operation teams may use it to decide if an image is secure _enough_ to be deployed etc.
It is much easier to use than the alternatives and gives you much better output.
Since SUSE/Portus#1289 got merged, Portus now integrates security
scanners in order to fetch vulnerabilities for the images stored in the
on-premise Docker registry. CoreOS Clair is a supported backend, so you
can now use Clair for this. This is all explained in the documentation:
http://port.us.org/features/6_security_scanning.html
Signed-off-by: Miquel Sabaté Solà <msabate@suse.com>
