diff --git a/content/manuals/dhi/explore/scanner-integrations.md b/content/manuals/dhi/explore/scanner-integrations.md index b4df4245dc2..0992c50aa64 100644 --- a/content/manuals/dhi/explore/scanner-integrations.md +++ b/content/manuals/dhi/explore/scanner-integrations.md @@ -1,7 +1,7 @@ --- title: Scanner integrations description: Learn which vulnerability scanners work with Docker Hardened Images and how to choose the right scanner for accurate vulnerability assessment. -keywords: scanner integration, vulnerability scanning, docker scout, trivy, grype, mend.io, container security scanners +keywords: scanner integration, vulnerability scanning, docker scout, trivy, grype, mend.io, black duck, container security scanners weight: 40 --- @@ -26,6 +26,8 @@ Hardened Images to deliver more accurate vulnerability assessments: - [Mend.io](https://www.mend.io/): Automatically retrieves and applies VEX statements with zero configuration. Combines VEX data with reachability analysis. +- [Black Duck](https://www.blackduck.com/): Identifies Docker Hardened Images + and applies VEX statements with zero configuration. For step-by-step instructions, see [Scan Docker Hardened Images](/manuals/dhi/how-to/scan.md). @@ -66,8 +68,8 @@ from Docker Hardened Images offer the following benefits: aren't flagged; security teams and compliance officers can review the reasoning rather than trusting a vendor's black box. - Scanner flexibility: Switch between any VEX-enabled scanner (Docker Scout, - Trivy, Grype, Wiz, Mend.io, etc.) without losing vulnerability context or - rebuilding exclusion lists. + Trivy, Grype, Wiz, Mend.io, Black Duck, etc.) without losing vulnerability + context or rebuilding exclusion lists. - Consistent results: VEX-enabled scanners interpret the same data the same way, eliminating discrepancies between tools. - Faster workflows: Focus on real risks rather than researching why reported 
@@ -99,7 +101,7 @@ The image includes signed attestations that explain which vulnerabilities don't apply and why. Any VEX-enabled scanner can read these attestations, giving you: - Tool flexibility: Use any scanner that supports OpenVEX (Docker Scout, - Trivy, Grype, Wiz, Mend.io, etc.) + Trivy, Grype, Wiz, Mend.io, Black Duck, etc.) - Complete transparency: Review the exact reasoning for each vulnerability assessment - Full auditability: Security teams and compliance officers can independently diff --git a/content/manuals/dhi/how-to/scan.md b/content/manuals/dhi/how-to/scan.md index 3969b5e44ad..87edf5fc631 100644 --- a/content/manuals/dhi/how-to/scan.md +++ b/content/manuals/dhi/how-to/scan.md @@ -1,8 +1,8 @@ --- title: Scan Docker Hardened Images linktitle: Scan an image -description: Learn how to scan Docker Hardened Images for known vulnerabilities using Docker Scout, Grype, Trivy, Wiz, or Mend.io. -keywords: scan container image, docker scout cves, grype scanner, trivy container scanner, mend.io, vex attestation +description: Learn how to scan Docker Hardened Images for known vulnerabilities using Docker Scout, Grype, Trivy, Wiz, Mend.io, or Black Duck. +keywords: scan container image, docker scout cves, grype scanner, trivy container scanner, mend.io, black duck, vex attestation weight: 46 --- @@ -23,6 +23,8 @@ read and apply the VEX statements included with Docker Hardened Images: zero configuration - [Mend.io](#mendio): Automatically applies VEX statements with zero configuration +- [Black Duck](#black-duck): Automatically applies VEX statements with + zero configuration For guidance on choosing the right scanner and understanding the differences between VEX-enabled and non-VEX scanners, see [Scanner 
@@ -401,6 +403,14 @@ as Not Affected, Fixed, or Under Investigation. For more information, see the [Mend.io Docker Hardened Images documentation](https://docs.mend.io/platform/latest/docker-hardened-images). +## Black Duck + +[Black Duck](https://www.blackduck.com/) identifies Docker Hardened Images and +applies their VEX statements without additional configuration. + +For more information, see the [Black Duck +documentation](https://documentation.blackduck.com/bundle/bd-hub/page/Reporting/vexReport_global.html). + ## Export VEX attestations For scanners that need local VEX files (like Grype or Trivy with local files), diff --git a/content/manuals/dhi/resources.md b/content/manuals/dhi/resources.md index dcc6d76126f..a563a112767 100644 --- a/content/manuals/dhi/resources.md +++ b/content/manuals/dhi/resources.md @@ -19,6 +19,7 @@ features, and announcements: | Date published | Title | |------|-------| +| May 5, 2026 | [Precision Container Security with Docker and Black Duck](https://www.docker.com/blog/precision-container-security-with-docker-and-black-duck/) | | April 14, 2026 | [Why We Chose the Harder Path: Docker Hardened Images, One Year Later](https://www.docker.com/blog/why-we-chose-the-harder-path-docker-hardened-images-one-year-later/) | | April 8, 2026 | [Reclaim Developer Hours through Smarter Vulnerability Prioritization with Docker and Mend.io](https://www.docker.com/blog/reclaim-developer-hours-through-smarter-vulnerability-prioritization-with-docker-and-mend-io/) | | March 3, 2026 | [Announcing Docker Hardened System Packages](https://www.docker.com/blog/announcing-docker-hardened-system-packages/) |
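Review bot: In content/manuals/dhi/explore/scanner-integrations.md, hunk @@ -26,6 +26,8 @@, the new Black Duck bullet describes the integration differently from the other two places this patch adds it. Here it reads "Identifies Docker Hardened Images and applies VEX statements with zero configuration", the list in scan.md says "Automatically applies VEX statements with zero configuration", and the new section in scan.md says "without additional configuration". The neighbouring Mend.io bullet says the statements are "retrieved and applied", but this bullet does not say whether Black Duck retrieves the VEX data itself or what "identifies" is based on. Suggest choosing one wording and using it in all three places, and stating where the VEX data comes from if that is known.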
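Review bot: In content/manuals/dhi/explore/scanner-integrations.md, hunk @@ -99,7 +101,7 @@, adding Black Duck to "Use any scanner that supports OpenVEX (...)" makes a format-specific claim that the rest of the patch does not support. Every other added line says only "VEX statements", and the one reference linked in scan.md is a VEX report page. Please confirm that Black Duck consumes OpenVEX specifically. If it does not, reword this bullet so it does not assert OpenVEX support for every tool in the list. The same parenthesised scanner list is edited in the "Scanner flexibility" bullet in hunk @@ -66,8 +68,8 @@, so the two copies should be changed together.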
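Review bot: In content/manuals/dhi/how-to/scan.md, hunk @@ -401,6 +403,14 @@, the new "## Black Duck" section gives the reader no way to confirm that VEX was actually applied to a scan. The Mend.io text just above it names the resulting statuses ("Not Affected, Fixed, or Under Investigation") and links to a page dedicated to Docker Hardened Images. This section only asserts that statements are applied "without additional configuration", and its link path (Reporting/vexReport_global.html) reads as a reporting page rather than a guide to scanning these images. Suggest adding one sentence on how VEX-suppressed findings appear in Black Duck results, so that a silent failure to apply VEX is distinguishable from a clean scan. Also confirm that the link is the intended target. The in-page anchor #black-duck added in hunk @@ -23,6 +23,8 @@ matches this heading.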