Protecting The Backbone Of Modern Development: Scanning Secrets In Container Registries
Security Boulevard, Thursday, January 23rd, 2025
In November 2024, we investigated Docker Hub, the leading public container registry, uncovering a significant security issue affecting modern containerized environments.
Our analysis of 200,000 publicly available Docker images revealed 30,000 unique secrets hidden within 19,000 images-a staggering 10% of the dataset.
As the most widely used container registry, Docker Hub stores millions of public images, many unintentionally exposing critical credentials, API keys, and other sensitive information. Our research focused on images tied to production environments, uncovering a troubling trend:...