April 1, 2025

Modern IT infrastructures increasingly rely on container technologies, including Docker. These lightweight, standalone packages for running a variety of applications are valued for their effectiveness and easy integration with infrastructures. Such containers simplify application development, testing, and deployment; they offer exceptional scalability and allow companies to reduce their update release cycle.

However, companies often use third-party images as templates for creating Docker containers, which may present a potential security risk, since images of this kind can contain loopholes or malicious features that pose a severe threat to infrastructures.

Unverified container images can be used to deploy malware or introduce undocumented features into a corporate ecosystem. They effectively open up a pathway for implementing supply chain attacks (or Supply Chain Compromise as classified by MITRE). Examining and analysing containers thoroughly with Dr.Web vxCube before putting them to use can help eliminate these risks.

New Dr.Web vxCube features

Docker-container analysis has been introduced to Dr.Web vxCube to address the growing number of container-related threats. Users can now conduct an in-depth analysis of container images to identify potential hidden threats as well as undocumented and malicious features.

The Dr.Web vxCube sandbox allows users to analyse the behaviour of suspicious objects and expose threats that can’t always be detected by conventional information security solutions. Dr.Web vxCube is an invaluable tool for countering modern-day attacks involving advanced persistent threats.

This sandbox is the perfect choice for any SOC (Security Operation Center) that strives to identify and neutralise threats as early as possible. With Dr.Web vxCube, security professionals can thoroughly examine suspicious files in the isolated environment manually or automatically, identify well-hidden threats, and get detailed insight into the malware’s behaviour, thus boosting the effectiveness of their security solutions. Using the sandbox helps security researchers make decisions faster and reduces their workload. Dr.Web vxCube supports a variety of platforms and applications, allowing SOC experts to analyse a wide range of threats.

Key Docker-container analysis features in Dr.Web vxCube include the ability to:

• Scan container images in the sandbox to identify hidden or malicious features;
• Analyse container behaviour, including network activity and interaction with the system;
• Identify undocumented features that may pose a safety risk;
• Generate a detailed report on the analysis results, which includes information about suspicious actions associated with the container image.

The advantages of analysing Docker container images with Dr.Web vxCube include:

• Better security for containerised applications thanks to in-depth image inspection;
• Reduced security risks for the entire IT infrastructure as malicious code can no longer be deployed on devices with unverified containers;
• Optimised container inspection for quick application development and deployment without compromising corporate security.

Learn more about Dr.Web vxCube and gain access to the demo version here: https://www.drweb.com/vxcube/.