Forrester: The State of Application Security, 2022
Download ReportDownload Report

Keep secrets out of Docker images

GitGuardian scans your Docker images for secrets and sensitive data. Find hardcoded API keys, database credentials, private keys, and a lot more in your Docker images before publishing them to public or private artifact registries.

  • Scan Dockerfile, build args and Docker image layers’ filesystem
  • Integrate with your CI/CD pipelines
  • Find %ndet%+ types of secrets and sensitive files

Start scanning docker
from your CLI in 3 steps

Get your GitGuardian API key

Sign up here. Once you’re done, generate your API key
to use ggshield, the GitGuardian CLI app.

GGShield install step 1

Install ggshield CLI

Follow the steps in the documentation
to install ggshield on your machine.

GGShield install step 2

Scan a Docker image

Hooray 🎉 You can now scan your first Docker image
for hardcoded secrets. Run ggshield scan docker <IMAGE_NAME>.

Go further

[Tutorial] Shift your CI left with GitHub ActionsBlog
Blog

[Tutorial] Shift your CI left with GitHub Actions

Learn how to build a modern CI pipeline using GitHub Actions to achieve testing, building, and pushing Docker images.Harden your pipeline by scanning for leaked secrets and credentials with the help

Read more
[Research] Hunting for secrets in Docker Hub: what we’ve foundBlog
Blog

[Research] Hunting for secrets in Docker Hub: what we’ve found

In this article, we will explain why Docker images can contain sensitive information and give some examples of the type of secrets we found in public Docker images. Finally, we will compare our result

Read more
How to improve your Docker containers security [cheat sheet included]Cheat sheets
Cheat sheets

How to improve your Docker containers security [cheat sheet included]

Containers are no security devices. That's why we've curated a set of easily actionable recommendations to improve your Docker containers security. Check out the one-page cheat sheet.

Download now

Want to see more of GitGuardian?

Connect with our product experts
and get a 1:1 demo

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.