The DockerBench plugin provides an extension to the docker-bench-security.sh. Anything that can be done in the shell script can be done through the plugin. Contrary to plugins like Anchore, docker-bench-security scans your entire Docker Installation for vulnerabilities or best practice violations.

Requires the Internet to be available. It uses wget to download the latest version of docker-bench from Github.

Supported Versions

Docker version 18.06+ (Older versions of Docker may work but have not been tested)
Windows is NOT supported

Key Features

Automatically downloads the docker-bench-security.sh. No configuration/setup is needed in your environment or FlexDeploy.
Provides useful outputs for evaluating the results of the scan in FlexDeploy

Outputs

All operations in this plugin supply the same set of outputs which can be seen below:

Output Name	Description

Output Name	Description
`FDDKBENCH_OUT_CHECKS`	The number of checks run by the scan. This can vary depending on the number of images/containers in your docker install.
`FDDKBENCH_OUT_SCORE`	The overall score of the scan.

FlexDeploy - DockerBench Plugin Guide

Supported Versions

Key Features

Outputs

Plugin Operations

Related content