Your RSA-2048 keys break in 2030. Find every one of them before attackers do.
SHIPImage Scanning

What's inside your container shouldn't surprise you in production.

O3 scans container images for OS vulnerabilities, malicious layers, embedded secrets, and misconfigured permissions — before they're pushed to any registry. Works with Docker, OCI, and distroless images.

LAYER INSPECTION

Every layer scanned. Nothing hidden between diffs.

Container images are not black boxes. O3 decomposes and inspects every layer — OS packages, application code, credentials, and layer-level changes — not just the final filesystem.

All OS packages across apt, apk, yum, rpm layers
CVEs matched per layer not just final image
Every added binary catalogued
Layer provenance traced to base image
O3 Image Scanner
Issues found
myapp/api:latest
Docker · 847 MB · 9 layers · sha256:3af8...c12e
Scanned
2 minutes ago
14
CVEs
2
Secrets
3
Misconfigs
Layer analysis
Layer 1FROM node:18-alpine
Clean
Layer 4RUN apt-get install openssl
7 CVEs — openssl 1.1.1w
Layer 6COPY .env /app/.env
AWS_SECRET_KEY detected
Layer 7RUN rm /app/.env
Secret still present in layer 6
Layer 9CMD ["node","server.js"]
Clean
SUPPLY CHAIN PROTECTION

Malicious base images look legitimate. We don't trust looks.

Supply chain attacks increasingly target base images — injecting malicious binaries or scripts that appear legitimate. O3 compares every added binary against known-good signatures and flags deviations before the image enters your registry.

Every added binary compared to known-good hashes
Matches against curated malware signature database
Unexpected cron jobs and startup scripts detected
Obfuscated shell scripts flagged for review
O3 Layer Analysis — Layer 5
Malicious content
Layer 5 diff
+ ADD /usr/local/bin/updater
34.2 KB · binary · x86_64
Hash comparison
Image hash
sha256:a3f8...9c2e
Expected (node:18-alpine)
sha256:b1e4...7d8a
HASH MISMATCH — Malicious binary detected

Binary differs from official node:18-alpine. Matches known signature: XMRig cryptominer. Source: compromised upstream base image.

Remediation

Rebuild from verified base image digest. Use --platform=linux/amd64 sha256:b1e4... to pin.

SECRET DISCOVERY

Deleted doesn't mean gone. Secrets persist across layers.

A secret removed in layer 7 is still in layer 3 — and anyone who pulls that image can read it. O3 scans every image layer independently because history doesn't disappear.

Secrets found even when deleted in subsequent layers
API keys, DB credentials, private keys detected
Entropy analysis catches obfuscated credentials
Git history inside images also scanned
O3 Secret Scanner
2 secrets found
Layer history
Layer 6COPY .env /app/.envSecret added
AWS_SECRET_KEY=wJalrXUtnFEMI/K7MD...
Layer 7RUN rm /app/.envFile deleted
Secret deleted in layer 7 but STILL ACCESSIBLE

Anyone who pulls this image can extract it with:

docker save myapp/api:latest | tar -xf - | ...
Remediation

Add .env to .dockerignore before the COPY. Rebuild from scratch — layer history cannot be cleared without a full rebuild.

REGISTRY INTEGRATION

Scan on push. Results before the pull completes.

O3 integrates directly with ECR, GCR, ACR, and Docker Hub. Scan on push, on pull, or on schedule — no changes to your build pipeline required. Get SBOM output in CycloneDX and SPDX formats.

Amazon ECR, Google GCR, Azure ACR, Docker Hub
Webhook on push — scan starts in under 5 seconds
Block promotion to prod registry if critical findings
CycloneDX and SPDX SBOM generated every scan
O3 Registry Monitor — ECR
Active
Live event log
14:32:01push detected: myapp/api:latest
Scan started
14:32:06Layer analysis complete · 9 layers
7 clean, 2 flagged
14:32:09CVE match: openssl 1.1.1w · 7 vulns
CRITICAL
14:32:11SBOM generated (CycloneDX 1.4)
112 components
Promotion to prod-ecr BLOCKED

Critical findings require remediation. Fix PR #47 opened automatically.

Know what's inside your containers.

Book a demo and see O3 scan your images layer by layer — CVEs, secrets, and malicious content flagged before any push.

FAQ

Questions,
answered.

Everything teams ask before rolling this out. Still stuck? Reach our team.

  • Container images are built in layers, and each layer persists independently even when a later layer deletes a file. A secret baked into layer 3 and deleted in layer 7 is still fully readable by anyone with access to the image, they just need to extract layer 3 directly. Malicious content added in an intermediate layer and then hidden is similarly accessible. O3 decomposes every layer and scans each one independently, not just the final merged filesystem.
  • O3 extracts all OS packages installed across every image layer, including packages installed via apt, apk, yum, rpm, and pip, and matches them against the full CVE database from NVD, OSV, and distribution-specific advisories (Alpine, Debian, Ubuntu, Red Hat, Amazon Linux). Each vulnerability is reported with CVSS score, exploitability assessment, fix version, and the specific layer where the vulnerable package was introduced.
  • O3 analyzes the diff introduced by each layer against a set of behavioral signals: unexpected binaries added to system paths, known malicious file hashes, obfuscated shell scripts, modified system libraries, added cron jobs or systemd units, and network listener binaries not present in the base image. Base image provenance is tracked so that deviations from the expected layer content are immediately surfaced.
  • O3 integrates directly with Amazon Elastic Container Registry (ECR), Google Container Registry (GCR) and Artifact Registry, Azure Container Registry (ACR), and Docker Hub. Images can be scanned on push via registry webhooks, on pull via a scanning proxy, or on a recurring schedule. O3 also works with private registries accessible via standard Docker registry API v2.
  • Yes. O3 scans distroless images, scratch-based images, and minimal bases like Alpine. For distroless images where there is no package manager, O3 uses binary-level analysis to identify the Go, Java, Python, Node.js, or Rust runtime and scans application-level dependencies directly from the binary and embedded manifests. SBOM generation works for all image types.