DockSec: Open-Source AI-Powered Docker Security Scanner
Help Net Security, Monday, June 8th, 2026
DockSec combines three container scanners with AI to find Docker flaws and suggest line-specific fixes.
DockSec is an OWASP Incubator Project addressing the gap between vulnerability detection and remediation in container security. The Python tool runs Trivy, Hadolint, and Docker Scout against Dockerfiles and images, then uses AI to correlate findings, generate security scores, and propose targeted fixes.
Created by Advait Patel, it supports multiple LLM backends, including OpenAI, Anthropic, and Google Gemini, and also offers an offline scan-only mode. Patel positions DockSec between pure scanners, which find vulnerabilities but struggle with remediation, and expensive enterprise platforms.
The tool targets developers without dedicated security platforms, filling the workflow gap where container vulnerabilities typically remain unresolved.