Patent attributes
Implementations provide for container and image scanning for a Platform-as-a-Service (PaaS) system. A method of the disclosure includes initiating, by a processing device executing a node of a multi-tenant Platform-as-a-Service (PaaS) system, a scan process at the node to scan containers executing on the node, the containers executing functionality of multiple applications that are owned by multiple owners. The method further includes, for each container of the containers, scanning, by the processing device in accordance with the scan process, a top layer of application image instance used to launch the container in the node without scanning remaining layers of the application image instance, and terminating, by the processing device, the scan process for the container when the scanning generates a clean result.
