Utilizing SaaS Security Scans with Snyk
Snyk is an online SaaS application that provides an easy-to-use interface that allows you to scan your Docker images for vulnerabilities. Although Snyk is a paid application, it does provide a free tier with a large amount of functionality to the user. It provides unlimited tests to open source projects and allows GitHub and GitLab integration, with remediation to open source projects and continuous monitoring. You are limited to the amount of container vulnerability testing that is allowed.
The following exercise will run through using the web interface providing a guide on how to register for an account and then add your container to be scanned for security vulnerabilities.
Exercise 11.04: Setting up a Snyk Security Scan
In this exercise, you will use your web browser to work with Snyk to start implementing security scans on our
- Create an account with Snyk if you have not used Snyk before or do not have...