blackducksoftware / blackduck-docker-inspector

Apache License 2.0

Difference between docker-inspector Vs. synopsys-detect's binary scan option Vs. Blackduck Binary Analysis #25

Open agu3rra opened 3 years ago

agu3rra commented 3 years ago

Is there a practical difference between scans performed via the blackduck-docker-inspector on images and synopsys-detect's binary scan parameter for docker images? Additionally, is there any expected difference between scans with Blackduck Hub and Synopsys' dedicated binary scanner called Blackduck Binary Analysis (BDBA)?

agu3rra commented 3 years ago

I recently came across the answer to the docker-inspector and synopsys-detect JARs. The activity log of the scan with synopsys-detect points out that docker-inspector gets called by it at runtime. So using one or the other for scanning container images should yield the same results.

```
2021-08-23 10:11:39 BRT DEBUG [main] --- Successfully parsed property: ["https://sig-repo.synopsys.com/bds-integrations-release/com/synopsys/integration/blackduck-docker-inspector/9.2.3/blackduck-docker-inspector-9.2.3.jar"]
2021-08-23 10:11:39 BRT INFO [main] --- Finding or downloading the docker inspector.
2021-08-23 10:11:39 BRT DEBUG [main] --- Downloading docker inspector from 'https://sig-repo.synopsys.com/bds-integrations-release/com/synopsys/integration/blackduck-docker-inspector/9.2.3/blackduck-docker-inspector-9.2.3.jar' to '[REDACTED]/blackduck/tools/docker'.
```
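
One way to confirm from a detect run's own log that it delegated to docker-inspector, which version it fetched and from where, as an added Python example that is not part of this project or the thread (the sample log lines are constructed after the excerpt above; the destination path and the expected repository host are assumptions):

```python
import re
from urllib.parse import urlparse

# Constructed sample modelled on the log excerpt above; the destination path is made up.
SAMPLE_LOG = """\
2021-08-23 10:11:39 BRT DEBUG [main] --- Successfully parsed property: ["https://sig-repo.synopsys.com/bds-integrations-release/com/synopsys/integration/blackduck-docker-inspector/9.2.3/blackduck-docker-inspector-9.2.3.jar"]
2021-08-23 10:11:39 BRT INFO [main] --- Finding or downloading the docker inspector.
2021-08-23 10:11:39 BRT DEBUG [main] --- Downloading docker inspector from 'https://sig-repo.synopsys.com/bds-integrations-release/com/synopsys/integration/blackduck-docker-inspector/9.2.3/blackduck-docker-inspector-9.2.3.jar' to '/home/ci/blackduck/tools/docker'.
"""

# "<date> <time> <tz> <LEVEL> [<thread>] --- <message>"
LINE_RE = re.compile(r"^(?P<ts>\S+ \S+ \S+) (?P<level>[A-Z]+) \[(?P<thread>[^\]]+)\] --- (?P<msg>.*)$")
DOWNLOAD_RE = re.compile(r"Downloading docker inspector from '(?P<url>[^']+)' to '(?P<dest>[^']+)'")
VERSION_RE = re.compile(r"blackduck-docker-inspector-(?P<version>\d+\.\d+\.\d+)\.jar$")

# Assumption: the only host the jar should ever be fetched from (taken from the excerpt).
EXPECTED_HOST = "sig-repo.synopsys.com"


def parse_log(text):
    """Split detect activity-log lines into dicts; lines that don't match the format are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            events.append(m.groupdict())
    return events


def find_inspector_download(events):
    """Return (url, dest, version) for the docker-inspector download event, or None if absent."""
    for ev in events:
        m = DOWNLOAD_RE.search(ev["msg"])
        if m:
            v = VERSION_RE.search(m["url"])
            return m["url"], m["dest"], (v["version"] if v else None)
    return None


def check_download_source(url, expected_host=EXPECTED_HOST):
    """True only when the jar is fetched over HTTPS from the expected repository host."""
    p = urlparse(url)
    return p.scheme == "https" and p.hostname == expected_host


if __name__ == "__main__":
    found = find_inspector_download(parse_log(SAMPLE_LOG))
    if found is None:
        print("no docker-inspector download seen: detect did not delegate to docker-inspector")
    else:
        url, dest, version = found
        print(f"docker-inspector {version} -> {dest}, trusted source: {check_download_source(url)}")
```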

agu3rra commented 3 years ago

Adding on top of this. After successfully calling synopsys-detect with --detect.tools="BINARY_SCAN", results that appeared in BDBA seem to also appear in Blackduck Hub.