Docker and Snyk are partnering to make vulnerability scanning seamless. Developers using Docker can use Snyk at multiple points in the toolchain to address open source security and license risks early and continuously monitor their images for newly disclosed vulnerabilities, after deploying to production.
As part of the partnership between Docker and Snyk, scanning container images for vulnerabilities is as easy as
docker scan. Check out our bite-sized lab Scan with the Docker CLI to learn how with an exercise using a sample goof container.
Snyk is built into Docker Hub! Image scanning in Docker Hub provides developers and other SDLC stakeholders visibility into the security risks of container Images in Docker Hub. Work through a sample workflow in our Lab Build Secure Containers with Docker and Snyk to see this in action.
Inside the Snyk UI, connect your Docker Hub to import container images as Snyk projects. Doing so allows you to test and monitor your image repositories directly from the Snyk UI. Check out Snyk Container Academy Workshop to learn how to set up the integration.