US Patent 10152595 Container and image scanning for a platform-as-a-service system

A method of container and image scanning includes storing at a central scan store of a multi-tenant system, an image scan result for a container image, the container image for executing functionality of applications and comprising layers, wherein the image scan result generated by a scan process comprising scanning a top layer of the container image, the remaining layers of the container image are immutable, verifying a clean status of the remaining layers of the container image with the central scan store, and transmitting the image scan result for the container image, the image scan result being clean in response to a clean result returned for the scanning and successful verification of the clean status of the remaining layers. The method further includes responsive to receiving a container image scan result request for the container image, transmitting the image scan result for the container image.