From 08354901a96fed0dd6100977d9ac65bcfa2a2c45 Mon Sep 17 00:00:00 2001 From: David Karlsson <35727626+dvdksn@users.noreply.github.com> Date: Fri, 29 Sep 2023 16:43:12 +0200 Subject: [PATCH] scout: data handling for environment integrations Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --- content/scout/data-handling.md | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/content/scout/data-handling.md b/content/scout/data-handling.md index 64b7b8bc7f..f128934f17 100644 --- a/content/scout/data-handling.md +++ b/content/scout/data-handling.md @@ -11,9 +11,10 @@ images that you analyze. This metadata is stored on the Docker Scout platform. ## Data transmission -Docker Scout collects and sends the following image metadata to the platform. +This section describes the data that Docker Scout collects and sends to the +platform. -Docker and OCI image metadata: +### Image metadata - Image creation timestamp - Image digest @@ -25,7 +26,7 @@ Docker and OCI image metadata: - Operating system type and version - Registry URL and type -Software Bill of Materials (SBOM) metadata: +### SBOM metadata - Package URLs (PURL) - Package author and description @@ -45,6 +46,18 @@ information on the SBOM. If there's a match, the results of the match are displayed in the user interfaces where Docker Scout data is surfaced, such as the Docker Scout Dashboard and in Docker Desktop. +### Environment metadata + +If you integrate Docker Scout with your runtime environment via the [Sysdig +integration](./integrations/environment/sysdig.md), the Docker Scout data plane +collects the following data points: + +- Kubernetes namespace +- Workload name +- Workload type (for example, DaemonSet) + +### Local analysis + For images analyzed locally on a developer's machine, Docker Scout only transmits PURLs and layer digests. This data is not persistently stored on the Docker Scout platform; it's only used to run the analysis. @@ -58,4 +71,4 @@ For the purposes of providing the Docker Scout service, data is stored using: Data is used according to the processes described at [docker.com/legal](https://www.docker.com/legal/) to provide the key -capabilities of Docker Scout. \ No newline at end of file +capabilities of Docker Scout.