Docker and Snyk Partner on Container Vulnerability Scanning
May 19, 2020

Docker has partnered with Snyk to deliver the first, native vulnerability scanning of container images in Docker.

Together, Docker and Snyk will provide a streamlined workflow that makes the application development process more secure for millions of developers, allowing them to more quickly and confidently build secure applications as an automated part of their toolchain.

Traditionally, if and when a developer working with Docker discovered vulnerabilities, they had to add several separate steps to their workflow to scan container images, identify a fix and remediate effectively. Snyk’s developer-first approach to security empowers developers with visibility to automatically find vulnerabilities in open source libraries and container images.

With the addition of Snyk’s container image scanning and vulnerability database natively integrated into Docker, developers will have continuous security insight embedded into their inner-loop development process. This integrated approach gives developers an easy and efficient way to build and secure containers in an agile and productive application development workflow.

“The addition of scanning images in Docker through the new integration with Snyk means that developers are more easily able to find and fix vulnerabilities throughout the development process,” said Justin Graham, VP of Products, Docker. “We are giving developers and development teams the peace of mind that container images stored in their Docker Hub repositories are scanned, and vulnerabilities identified and communicated to them, while eliminating extra steps in their application development workflow.”

"We are excited to partner with Docker to provide a streamlined workflow that brings automation and efficiency to building secure cloud-native applications for millions of developers," said Aner Mazur, CPO, Snyk. "This partnership is making security a top priority in the container application development process and setting a new standard for early and continuous application security driven by the development team."

Image scanning from Snyk will be generally available for Docker users in the third quarter of 2020.

Share this

Industry News

June 04, 2020

Exadel announced Appery.io, its low code development platform, now offers new subscription tiers.

June 04, 2020

NetApp has entered into a definitive agreement to acquire Spot, a provider of compute management and cost optimization on the public clouds, to establish leadership in Application Driven Infrastructure.

June 04, 2020

Fluree announced the release of the Fluree JavaScript Library, a feature included in Fluree V0.13.0 that enables developers to launch a version of Fluree as an in-memory, code-resident data source for front-end applications, enabling sub-millisecond data delivery.

June 03, 2020

Netcracker Technology announced the launch of its Netcracker 2020 portfolio to help service providers focus on their customer’s digital lifestyle.

June 03, 2020

Navisite announced its acquisition of Privo, a Premier Consulting Partner in the Amazon Web Services (AWS) Partner Network (APN).

June 03, 2020

Grafana Labs released Grafana 7.0 with significant enhancements to simplify the development of custom plugins and drastically increase the power, speed and flexibility of visualization.

June 02, 2020

Chef announced a number of new products designed to enable coded enterprises to work across silos to build competitive advantage through automation.

June 02, 2020

Rancher Labs announced the general availability of Longhorn, an enterprise-grade, cloud-native container storage solution.

June 02, 2020

Checkmarx announced the launch of Checkmarx SCA (CxSCA), the company’s new, SaaS-based software composition analysis solution.

June 01, 2020

IT Revolution announced a full conference agenda for DevOps Enterprise Summit London, June 23-25, 2020.

June 01, 2020

Caltech CTME announced that Simplilearn, a global provider of digital skills training, will collaborate with CTME (Caltech's Center for Technology and Management Education) to offer a specialized Post Graduate Program in DevOps software engineering.

June 01, 2020

DevOps Institute, a global member-based association for advancing the human elements of DevOps, announced the introduction of its SKILup Playbook Library, a dynamic collective body of knowledge (cBok) that aligns thought leadership from industry experts with a set of dynamic, orchestrated artifacts, research and assets.

May 28, 2020

Docker has extended its strategic collaboration with Microsoft to simplify code to cloud application development for developers and development teams by more closely integrating with Azure Container Instances (ACI).

May 28, 2020

Eggplant announced updates to its Digital Automation Intelligence (DAI) platform.

May 28, 2020

Aptum launched its Managed DevOps Service in partnership with CloudOps, a cloud consulting and professional services company specializing in DevOps.