Snyk Community

loading...
Cover image for [Announcement] Snyk and Docker Deepen Integration through New Features
Snyk

[Announcement] Snyk and Docker Deepen Integration through New Features

Jim Armstrong
I'm a big fan of containers and IaC. Formerly worked at Docker, VMware, and McAfee Security.
・2 min read

In our continuing quest to help developers create more secure containers, Snyk and Docker are pleased and excited to announce our next phase of integration: Docker security scanning powered by Snyk directly in Docker Hub, as well as being the exclusive provider of security insights for Docker Official Images and other future content certification programs.

Docker Security Scanning Directly in Docker Hub - Generally Available

This capability enables teams to securely collaborate in Docker Hub, with the full vulnerability details available as images are pushed. Now, individual users can create secure container images from their desktop, using the docker scan functionality locally to help select a secure base image and ensure any tools and libraries they add are safe.

Once images are pushed to Docker Hub, teams will have security scan results available to ensure the shared images they’re using are safe. And if major issues are identified in Hub, the developer can make the appropriate updates on their desktop and push their updated image back to the Hub.

Learn more and see an example in the blog post, and feel free to ask any questions.

Security Insights on Official Docker Images - Expected Q4 2020

Official Docker images comprise approximately 25% of the images downloaded from Docker Hub. Developers regularly choose from Docker’s 166 available Official Images as layers that make up their containers, rather than creating their own container components. This new integration of Snyk security insights into the Official Images enables developers to now incorporate vulnerability assessment along each step of the container development and deployment process.

To learn more about this integration and to get notified about its official release, subscribe in the thread for updates on this post.

Discussion (0)