This article shows you how to review host scan reports.

1. Overview

Twistlock scans all hosts where Defender is installed.

Defender scans hosts for the following types of vulnerabilities:

  • Host configuration: Vulnerabilities in the host setup.

  • Docker daemon configuration: Vulnerabilities that stem from misconfiguring your Docker daemons. Docker daemon derives its configuration from various files, including /etc/sysconfig/docker or /etc/default/docker. Misconfigured daemons affect all container instances on a host.

  • Docker daemon configuration files: Vulnerabilities that arise from improperly securing critical configuration files with the correct permissions.

  • Docker security operations: Recommendations and reminders for extending your current security best practices to include containers.

2. Reviewing host scan reports

To view the health of the hosts in your environment:

Procedure

  1. Open Console, then go to Monitor > Compliance > Hosts.

  2. Click on a host in the list.

    A report for the compliance issues on the host is shown.

    host scanning report

All vulnerabilities identified in the latest host scan can be exported to a CSV file by clicking on the CSV button in the top right of the table.