docker:security:find_fix_and_monitor_for_open_source_vulnerabilities
This is an old revision of the document!
Docker - Security - Find, fix and monitor for open source vulnerabilities
Scan your docker images for known vulnerabilities and integrate it as part of your continuous integration.
Snyk is an open source tool that scans for security vulnerabilities in open source application libraries and docker images.
Use Snyk to scan a docker image:
snyk test --docker node:10 --file=path/to/Dockerfile
Use Snyk to monitor and alert to newly disclosed vulnerabilities in a docker image:
snyk monitor --docker node:10
References
docker/security/find_fix_and_monitor_for_open_source_vulnerabilities.1587238272.txt.gz · Last modified: 2020/07/15 09:30 (external edit)