CoreOS Clair

What do you like best?

One thing I like about this tool is the ease of use when scanning of vulnerabilities. This can easily be deployed with Kubernetes and Docker. Easy to use with enterprise distros like Red Hat. I really like how easy it is to set up on your machine. It takes only a few minutes with a Docker container to launch the platform.

What do you dislike?

It is an open source tool and not exactly reliable. There are updates that get launched for the tool; but there is no knowing whether the tool is completely up to date. It is not in a stable state for long term use and can require a lot of administration in order to support it.

Recommendations to others considering the product:

For anyone using CoreOS; I strongly recommend using AWS services as well as Red Hat enterprise; this is a great tool to implement into this kind of architecture.

What problems are you solving with the product? What benefits have you realized?

We are using CoreOS for vulnerability assessment. I am using this tool with Docker; in order to launch this tool on various servers; that way it can be used for vulnerability assessments. Benefits I have realized are that if you are already an AWS and Red Hat user; this tool is easy to set up.