docker:security:find_fix_and_monitor_for_open_source_vulnerabilities
Docker - Security - Find, fix and monitor for open source vulnerabilities
Scan your docker images for known vulnerabilities and integrate it as part of your continuous integration.
Snyk is an open source tool that scans for security vulnerabilities in open source application libraries and docker images.
Use Snyk to scan a docker image:
snyk test --docker node:10 --file=path/to/Dockerfile
Use Snyk to monitor and alert to newly disclosed vulnerabilities in a docker image:
snyk monitor --docker node:10
Scan a Docker image for known vulnerabilities with these commands:
# fetch the image to be tested so it exists locally docker pull node:10 # scan the image with snyk snyk test --docker node:10 --file=path/to/Dockerfile
References
docker/security/find_fix_and_monitor_for_open_source_vulnerabilities.txt · Last modified: 2020/07/15 10:30 by 127.0.0.1