OWASP-Backed Open Source DockSec Uses LLMs To Fix Docker Vulnerabilities Faster

Open Source DockSec Uses AI And LLMs To Turn Docker Vulnerability Noise Into Actionable Fixes Under OWASP

Community-driven open-source project DockSec uses AI to correlate container scanner findings and generate exact Dockerfile fixes, helping developers remediate vulnerabilities instead of just detecting them.

Open-source container security project DockSec is using AI and LLMs to help developers fix vulnerabilities in Docker images instead of simply detecting them, addressing a growing problem in modern container security workflows.

Recently adopted as an OWASP incubator project, DockSec correlates findings from Trivy, Hadolint and Docker Scout to eliminate duplicate alerts, prioritise vulnerabilities by real-world impact, and generate plain-English remediation guidance alongside exact Dockerfile fixes.

The community-driven and vendor-neutral project was independently built by Advait Patel in his spare time and is free to download and use. Patel said existing AI-powered scanners often overwhelm developers with CVEs but offer little remediation help.

“On a typical day I would scan a container image and get back 200+ CVEs. Most were noise, a few were real, but there was no easy way to tell a developer ‘fix these three lines and you are good’. Security tools are great at finding problems but bad at helping people fix them,” said Patel.

DockSec runs all scanners locally and sends only scan metadata to the LLM, so image contents never leave the local environment. That metadata (CVE identifiers, package names and versions, Dockerfile rule hits) still amounts to a software inventory of the image, which is worth weighing before pointing the tool at a hosted model; the platform supports OpenAI, Anthropic and Google Gemini, as well as local models through Ollama for fully offline use.
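The correlate-and-prioritise step described above, together with the "metadata only" boundary, is easy to show in code. The following is an added illustration written for this article, not DockSec's own code: it assumes the JSON shapes produced by `trivy image --format json` and `hadolint --format json`, the sample inputs are constructed (one CVE is deliberately listed twice), and the severity ranking, fixable-first ordering and `is_metadata_only` guard are this example's own choices.

```python
"""Correlate Trivy and Hadolint output into a deduplicated, prioritised,
metadata-only payload for an LLM.  Added example, not DockSec's own code.
Assumes the JSON shapes of `trivy image --format json` and
`hadolint --format json`; the sample inputs below are constructed."""
import json

SEVERITY_RANK = {"CRITICAL": 0, "HIGH": 1, "MEDIUM": 2, "LOW": 3, "UNKNOWN": 4}

# Constructed Trivy output (trimmed). CVE-2023-0002 appears twice on
# purpose, as happens when several layers or scanners report one CVE.
TRIVY_JSON = json.dumps({
    "ArtifactName": "example/app:1.0",
    "Results": [
        {"Target": "example/app:1.0 (debian 12.4)",
         "Vulnerabilities": [
             {"VulnerabilityID": "CVE-2023-0001", "PkgName": "libssl3",
              "InstalledVersion": "3.0.11-1", "FixedVersion": "3.0.11-1+deb12u2",
              "Severity": "CRITICAL"},
             {"VulnerabilityID": "CVE-2023-0002", "PkgName": "curl",
              "InstalledVersion": "7.88.1-10", "FixedVersion": "7.88.1-10+deb12u5",
              "Severity": "HIGH"},
             {"VulnerabilityID": "CVE-2023-0003", "PkgName": "libc6",
              "InstalledVersion": "2.36-9", "FixedVersion": "",
              "Severity": "HIGH"}]},
        {"Target": "example/app:1.0 (debian 12.4) [second layer]",
         "Vulnerabilities": [
             {"VulnerabilityID": "CVE-2023-0002", "PkgName": "curl",
              "InstalledVersion": "7.88.1-10", "FixedVersion": "7.88.1-10+deb12u5",
              "Severity": "HIGH"}]},
    ],
})

# Constructed Hadolint output: real rule ids, pointing at Dockerfile lines.
HADOLINT_JSON = json.dumps([
    {"file": "Dockerfile", "line": 3, "column": 1, "level": "warning",
     "code": "DL3008", "message": "Pin versions in apt get install."},
    {"file": "Dockerfile", "line": 7, "column": 1, "level": "error",
     "code": "DL3002", "message": "Last USER should not be root"},
])


def load_trivy(text):
    """One finding per (CVE, package); repeats are counted, not re-listed."""
    findings, raw = {}, 0
    for result in json.loads(text).get("Results", []):
        for v in result.get("Vulnerabilities") or []:
            raw += 1
            key = (v["VulnerabilityID"], v["PkgName"])
            if key in findings:
                findings[key]["occurrences"] += 1
                continue
            findings[key] = {
                "id": v["VulnerabilityID"], "pkg": v["PkgName"],
                "installed": v.get("InstalledVersion", ""),
                "fixed": v.get("FixedVersion", ""),
                "severity": v.get("Severity", "UNKNOWN").upper(),
                "occurrences": 1,
            }
    return list(findings.values()), raw


def load_hadolint(text):
    """Keep rule id, line and message: what a Dockerfile fix actually needs."""
    return [{"rule": f["code"], "line": f["line"], "level": f["level"],
             "message": f["message"]} for f in json.loads(text)]


def prioritise(findings):
    """Highest severity first; within a severity, fixable before unfixable."""
    return sorted(findings, key=lambda f: (SEVERITY_RANK.get(f["severity"], 4),
                                           f["fixed"] == "", f["id"]))


def is_metadata_only(obj, max_len=120):
    """Guard against file or layer content leaking into the prompt: allow only
    short single-line strings, ints and nested containers of those."""
    if isinstance(obj, dict):
        return all(isinstance(k, str) and is_metadata_only(v, max_len)
                   for k, v in obj.items())
    if isinstance(obj, list):
        return all(is_metadata_only(v, max_len) for v in obj)
    if isinstance(obj, str):
        return len(obj) <= max_len and "\n" not in obj
    return isinstance(obj, int)


def build_llm_payload(trivy_text, hadolint_text, image_ref):
    """Everything the model sees: identifiers, versions and line numbers."""
    findings, raw = load_trivy(trivy_text)
    findings = prioritise(findings)
    payload = {
        "image": image_ref,
        "stats": {"raw": raw, "unique": len(findings),
                  "fixable": sum(1 for f in findings if f["fixed"])},
        "vulnerabilities": findings,
        "dockerfile_findings": load_hadolint(hadolint_text),
    }
    if not is_metadata_only(payload):
        raise ValueError("payload contains non-metadata content; refusing to send")
    return payload


if __name__ == "__main__":
    print(json.dumps(build_llm_payload(TRIVY_JSON, HADOLINT_JSON,
                                       "example/app:1.0"), indent=2))
```

On the sample input the four raw Trivy rows collapse to three unique findings, ordered critical first and then fixable-before-unfixable, and the two Hadolint hits carry the Dockerfile line numbers that a "fix these lines" answer needs. The `is_metadata_only` check is the part to keep when wiring a hosted model in: it refuses a payload if someone later adds a Dockerfile body or layer contents to it.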

Patel said scans across 15 container images uncovered 183 high-severity vulnerabilities and 15 critical ones, including 40 vulnerabilities in a HashiCorp Vault image.

According to Patel, DockSec’s methodology could also be adapted for SOC automation, infrastructure remediation and broader AI-assisted security fixing workflows.
