The short of it is this: there are two SaaS front ends pointing to the same tool—Black Duck’s Hub product, which vets, among other things, Docker containers.
Underneath the teaseware is a tool that checks exactly what is in the container being tested. Black Duck checks your container or those from Docker or Red Hat’s repository. The Docker tool checks just Docker containers.
By providing a view into the containers, Black Duck and Docker allow you to see vulnerabilities that could cause security problems.
Tom Henderson writes:
This is a stealth marketing campaign by Black Duck Software for their Hub SaaS tool subscription. This is also a way for Docker to fend off serious criticism of their biggest (in my opinion) flaw: container software manifest security chain of authorities.