From 9afa26d13579b4d4b07723aae63b31800e5d5a1a Mon Sep 17 00:00:00 2001 From: David Karlsson <35727626+dvdksn@users.noreply.github.com> Date: Mon, 16 Oct 2023 14:31:56 +0200 Subject: [PATCH 1/4] scout: add RLSA and ALSA advisory sources Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --- content/scout/advisory-db-sources.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/content/scout/advisory-db-sources.md b/content/scout/advisory-db-sources.md index 9a591b085d..444f3ba4ab 100644 --- a/content/scout/advisory-db-sources.md +++ b/content/scout/advisory-db-sources.md @@ -21,9 +21,10 @@ advisory database and CVE-to-package matching service works. Docker Scout creates and maintains its vulnerability database by ingesting and collating vulnerability data from multiple sources continuously. These sources include many recognizable package repositories and trusted security -trackers, such as: +trackers, including: - [Alpine secdb](https://secdb.alpinelinux.org/) +- [AlmaLinux Security Advisory](https://errata.almalinux.org/) - [Amazon Linux Security Center](https://alas.aws.amazon.com/) - [CISA Known Exploited Vulnerability Catalog](https://www.cisa.gov/known-exploited-vulnerabilities-catalog) @@ -39,6 +40,7 @@ trackers, such as: - [Python Packaging Advisory Database](https://github.com/pypa/advisory-database) - [RedHat Security Data](https://www.redhat.com/security/data/metrics/) +- [Rocky Linux Security Advisory](https://errata.rockylinux.org/) - [RustSec Advisory Database](https://github.com/rustsec/advisory-db) - [SUSE Security CVRF](http://ftp.suse.com/pub/projects/security/cvrf/) - [Ubuntu CVE Tracker](https://people.canonical.com/~ubuntu-security/cve/) From edc7623fa2b2041c7a851089c8e139304f3e32ec Mon Sep 17 00:00:00 2001 From: David Karlsson <35727626+dvdksn@users.noreply.github.com> Date: Mon, 16 Oct 2023 15:04:28 +0200 Subject: [PATCH 2/4] scout: improve sbom-advisory verbiage 
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --- content/scout/advisory-db-sources.md | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/content/scout/advisory-db-sources.md b/content/scout/advisory-db-sources.md index 444f3ba4ab..a38ac73a56 100644 --- a/content/scout/advisory-db-sources.md +++ b/content/scout/advisory-db-sources.md 
@@ -47,23 +47,23 @@ trackers, including: - [Wolfi Security Feed](https://packages.wolfi.dev/os/security.json) - [Chainguard Security Feed](https://packages.cgr.dev/chainguard/security.json) -Docker Scout correlates this data by making a full inventory of a container -image and storing that inventory in a [software bill of materials -(SBOM)](https://ntia.gov/sites/default/files/publications/sbom_at_a_glance_apr2021_0.pdf). +Docker Scout correlates the vulnerability data from these advisories with the +Software Bill of Materials (SBOM) of container images to detect what +vulnerabilities affect an image. The SBOM summarizes the contents of an image, +and Docker Scout stores the SBOM in its database. -The SBOM summarizes the contents of the image and how the contents got there -meaning that when there is information about a new vulnerability, Docker Scout -correlates it with the SBOM. If Docker Scout finds a match for a vulnerability, -it can identify the artifact that’s now vulnerable, why, and where it’s in use. +When there is information about a new vulnerability, Docker Scout correlates +the vulnerable package with the SBOMs in the database to identify affected +images. -When a customer enrolls with Docker Scout, the organization receives their own -instance of the database. This database tracks timestamped metadata about your +When you enable Docker Scout for your organization, you receive your own +instance of the database. The database tracks timestamped metadata about your images that Docker Scout can then match to CVEs. Find more details on how this works in the [image analysis page](./image-analysis.md). -Docker Scout is ideal for analyzing images in Docker Desktop and Docker Hub, but -the flexibility of the approach also means it can integrate with other systems, -see [Integrating Docker Scout with other systems](./integrations/index.md). 
+Docker Scout image analysis integrates seamlessly with Docker Desktop and +Docker Hub, and you can also enable integrations with other systems, see +[Integrating Docker Scout with other systems](./integrations/index.md). ## How Docker Scout makes more precise matches From 3ccd1e7a574c91edc9381b2cbd2c062863da6296 Mon Sep 17 00:00:00 2001 From: David Karlsson <35727626+dvdksn@users.noreply.github.com> Date: Mon, 16 Oct 2023 15:05:17 +0200 Subject: [PATCH 3/4] vale: add npm to vocabulary Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --- .github/vale/Vocab/Technology/accept.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/vale/Vocab/Technology/accept.txt b/.github/vale/Vocab/Technology/accept.txt index 167cf66e9c..b44beaa9b1 100644 --- a/.github/vale/Vocab/Technology/accept.txt +++ b/.github/vale/Vocab/Technology/accept.txt @@ -117,6 +117,7 @@ macvlan mfsymlinks minikube musl +npm osquery osxfs paravirtualization From 639731d604a7fe7903ea83243d468dba970119fa Mon Sep 17 00:00:00 2001 From: David Karlsson <35727626+dvdksn@users.noreply.github.com> Date: Mon, 16 Oct 2023 15:05:41 +0200 Subject: [PATCH 4/4] scout: fix npm casing Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --- content/scout/advisory-db-sources.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/scout/advisory-db-sources.md b/content/scout/advisory-db-sources.md index a38ac73a56..d0e0f9b988 100644 --- a/content/scout/advisory-db-sources.md +++ b/content/scout/advisory-db-sources.md @@ -79,7 +79,7 @@ cpe::::::::
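Review bot: list ordering in the PATCH 1/4 hunk of content/scout/advisory-db-sources.md: the source list is alphabetical, but the new `- [AlmaLinux Security Advisory](https://errata.almalinux.org/)` line is inserted after `- [Alpine secdb](https://secdb.alpinelinux.org/)`, and "AlmaLinux" sorts before "Alpine"; move it one line up so the list stays sorted. The `- [Rocky Linux Security Advisory](https://errata.rockylinux.org/)` entry, placed between RedHat Security Data and RustSec, is in the right position, and the "such as:" to "including:" change in the lead sentence reads fine.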
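Review bot: the rewrite in the PATCH 2/4 hunk drops the reference link that the old text attached to "software bill of materials (SBOM)" (https://ntia.gov/sites/default/files/publications/sbom_at_a_glance_apr2021_0.pdf); keep a link on the first mention of the term, e.g. `Software Bill of Materials ([SBOM](https://ntia.gov/sites/default/files/publications/sbom_at_a_glance_apr2021_0.pdf))`, so readers who do not know the term have somewhere to go. Two smaller wording points in the same hunk: "to detect what vulnerabilities affect an image" should be "which vulnerabilities", and in the last paragraph "integrates seamlessly" is promotional wording while "and you can also enable integrations with other systems, see [...]" runs two sentences together; "Docker Scout image analysis is available in Docker Desktop and Docker Hub. You can also enable integrations with other systems; see [...]" states the same thing plainly.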
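Review bot: the PATCH 3/4 addition of `npm` to .github/vale/Vocab/Technology/accept.txt is correctly placed between `musl` and `osquery`, but it exists only to support the casing change in PATCH 4/4; consider squashing patches 3 and 4 so the vocabulary entry and the content that depends on it land in one commit, which keeps every intermediate commit lint-clean and makes the reason for the vocabulary change visible in its own history.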
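Review bot: the PATCH 4/4 hunk is incomplete as posted: only the header `@@ -79,7 +79,7 @@ cpe::::::::` survives and the `-`/`+` lines are missing, so the casing fix that the subject line "scout: fix npm casing" describes cannot be reviewed here. Please resend the full hunk; given the `cpe::::::::` context it presumably touches the CPE example in advisory-db-sources.md, and the diff should show the before and after spelling of the package manager name so the change can be checked against the new vocabulary entry.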