cleanstart/openscap

Verified Publisher

By CleanStart

•Updated about 7 hours ago

Secure by Design, Built for Speed, Hardened Container Images on a minimal base CleanStart OS.

Image
Security
0

10K+

cleanstart/openscap repository overview

⁠Container Documentation for Openscap Documentation

The CleanStart Openscap image provides a production-ready, security-hardened container optimized for enterprise environments. Built on a minimal base OS with comprehensive security hardening, this image delivers reliable application execution with advanced security features.

šŸ“Œ Base Foundation: Production-ready container from cleanstart.

Image Path: cleanstart/openscap

Registry: cleanstart Registry

⁠Pull Latest Image

Download the container image from the registry

docker pull cleanstart/openscap:latest
docker pull cleanstart/openscap:latest-dev

⁠Basic Run

Run the container with basic configuration

docker run -it --name openscap cleanstart/openscap:latest

⁠Production Deployment

Deploy with production security settings

docker run -d --name openscap-prod \
  --security-opt=no-new-privileges \
  --user 1000:1000 \
  --restart unless-stopped \
  cleanstart/openscap:latest

Volume Mount Mount local directory for persistent data

docker run -v /app:/app cleanstart/openscap:latest

Port Forwarding Run with custom port mappings

docker run -p 8080:8080 cleanstart/openscap:latest

⁠Kubernetes Security Context

Recommended security context for Kubernetes deployments

securityContext:
  allowPrivilegeEscalation: false
  capabilities:
    drop:
    - ALL
  readOnlyRootFilesystem: true
  runAsUser: 1000
  runAsGroup: 1000

⁠Documentation Resources

Essential links and resources for further information


Vulnerability Disclaimer

CleanStart offers Docker images that include third-party open-source libraries and packages maintained by independent contributors. While CleanStart maintains these images and applies industry-standard security practices, it cannot guarantee the security or integrity of upstream components beyond its control.

Users acknowledge and agree that open-source software may contain undiscovered vulnerabilities or introduce new risks through updates. CleanStart shall not be liable for security issues originating from third-party libraries, including but not limited to zero-day exploits, supply chain attacks, or contributor-introduced risks.

Security remains a shared responsibility: CleanStart provides updated images and guidance where possible, while users are responsible for evaluating deployments and implementing appropriate controls.

Tag summary

Content type

Image

Digest

sha256:d7512fcb3…

Size

81.4 MB

Last updated

about 7 hours ago

docker pull cleanstart/openscap:1.4.4-arm64-dev