How to Choose a Docker Security Plan

There are lots of ways to manage the security of your Docker images. Many companies don't even have a plan for patching, which is crazy: we are used to patching our laptops and phones, yet our Docker images often protect more data.

Some basic plans might be.

If you're managing many Docker images, the cost of keeping them updated will be higher.

Ad-hoc Patching

This is when you create your Docker images, deploy them, and they work fine for a while. Then one day you read a story about someone getting hacked and think you should do some patching yourself.

The driver here is external. If there is no plan and patching is left up to the whims of people who have other things to do, it won't happen until it's too late.

Regular Review

This is for organised people, those who like their calendar. You might have a weekly or monthly reminder to review the security of your images. This is great: your images are never too far behind. But if a new critical vulnerability is discovered, it could be up to a month before you notice.

Patch on Announcement

For the frantic. You've subscribed to every security mailing list you can find, and your inbox looks like a bomb has gone off. You're getting the security notifications for every minor, major and critical announcement. Every once in a while you see an announcement for something you use in one of your Docker images.

This is a challenging one. It feels like you're doing the right thing: you feel busy and you're reading all the announcements. But it's hard to scale, things slip through the cracks, and you have no perspective.

Docker Security with Docker Dash

With Docker Dash you get the best of Regular Review and Patch on Announcement, with ease and perspective. You can configure how frequent you want your review cycle to be, and whether you want more frequent alerts for critical announcements.

