We use cookies to ensure you get the best experience on our website.Read moreRead moreGot it

close
  • Products
    • Products
      • Snyk Open Source
        Avoid vulnerable dependencies
      • Snyk Code
        Secure your code as it’s written
      • Snyk Container
        Keep your base images secure
      • Snyk Infrastructure as Code
        Fix misconfigurations in the cloud
    • Platform
      • What is Snyk?
        See Snyk’s developer-first security platform in action
      • Developer Security Platform
        Secure all the components of the modern cloud native application in a single platform
      • Security Intelligence
        Access our comprehensive vulnerability data to help your own security systems
      • License Compliance Management
        Manage open source license usage in your projects
    • Self-paced security education with Snyk Learn
  • Resources
    • Using Snyk
      • Documentation
      • Vulnerability intelligence
      • Product training
      • Customer success
      • Support portal & FAQ’s
    • learn & connect
      • Blog
      • Community
      • Events & webinars
      • DevSecOps hub
      • Developer & security resources
    • Self-paced security education with Snyk Learn
  • Company
    • About Snyk
    • Customers
    • Partners
    • Newsroom
    • Snyk Impact
    • Contact us
    • Jobs at Snyk We are hiring
  • Pricing
Log inBook a demoSign up
All articles
  • Application Security
  • Cloud Native Security
  • DevSecOps
  • Engineering
  • Partners
  • Snyk Team
  • Show more
    • Vulnerabilities
    • Product
    • Ecosystems
docker image security scanning with snyk
Cloud Native Security

Integrated Docker Security Scanning by Snyk in Docker Hub

Jim Armstrong
Jim ArmstrongOctober 9, 2020

In our continuing quest to help developers create more secure containers, Snyk and Docker are pleased and excited to announce the release of our next phase of integration: Docker security scanning powered by Snyk directly in Docker Hub!

docker Security Scanning with Snyk

With this capability, teams can now securely collaborate in Docker Hub, with the full vulnerability details available as images are pushed. Now, individual users can create secure container images from their desktop, using the docker scan functionality locally to help select a secure base image and ensure any tools and libraries they add are safe.

Then when images are pushed to Docker Hub, teams will have security scan results available to ensure the shared images they’re using are safe. And if major issues are identified in Hub, the developer can make the appropriate updates on their desktop and push their updated image to back Hub.

Container image security as simple as docker push

The new image scanning integration runs a Snyk container vulnerability scan on images when they are pushed to your Docker Hub repository. There are no special steps required other than to turn on the feature on your repository and push an image. Turning on Docker security scanning is done with a single click of the “Enable” link, as shown in the image below:

container image vulnerability scanning result with Snyk

When an image is scanned the vulnerability results are available directly in the Docker Hub interface. You get high-level vulnerability stats for each tag that has been scanned, and if you view the details of an individual tag you can see the specific findings for that image, sorted by severity, as shown here:

detailed vulnerability issue in a container image found by Snyk

In the example above, you can find the high-level details of the vulnerability and whether there is a fix available directly from the vulnerability list. If you want to get more details on the security issue, you can select an individual vulnerability and see its dependency graph and you also have the ability to go to Snyk’s full vulnerability report for that particular issue.

End-to-end security for container developers

Being able to get vulnerability details on an individual’s desktop and in Docker Hub is a great step forward in creating secure containers. The Docker Hub view gives teams the confidence to use the images they are sharing and the integrated Docker security scanning in Docker Desktop helps developers find and fix issues before pushing to Hub and as new vulnerabilities are discovered.

Snyk can also secure the code you’re writing and running in containers and help you monitor containers as they’re running in Kubernetes and even ensure your Kubernetes configurations are secure as well.

End-to-end Docker security for container developers

Availability

  • Docker Hub: Pro and Team users can turn on vulnerability scanning powered by Snyk in Docker Hub today!
  • Snyk and Docker will be hosting a live demonstration event on Thursday, October 15 at 10 am PT / 1 pm ET / 7 pm BST. Register now to secure your seat!
  • Docker Desktop: The Snyk-powered Docker Desktop scanning capabilities are available in the Edge channel now! If you missed our Desktop announcement webinar you can catch the replay and download our Docker CLI Cheat Sheet to get started.

Let us know what you think

The Docker and Snyk teams aren’t done! We have more work underway, but we want to hear from you. If you have feedback or feature requests for our scanning in Docker Hub or Docker Desktop, please comment in Docker’s public roadmap.

Log4Shell resource center

We’ve created an extensive library of Log4Shell resources to help you understand, find and fix this Log4j vulnerability.

Browse Resources
Footer Wave Top
Patch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo Segment
Develop Fast.
Stay Secure.
Snyk|Open Source Security Platform
Sign up for freeBook a demo

Product

  • Developers & DevOps
  • Vulnerability database
  • Pricing
  • Test with GitHub
  • API status
  • IDE plugins
  • What is Snyk?

Resources

  • Snyk Learn
  • Blog
  • Security fundamentals
  • Resources for security leaders
  • Documentation
  • Snyk API
  • Disclosed vulnerabilities
  • Open Source Advisor
  • FAQs
  • Website scanner
  • Japanese site
  • Audit services
  • Web stories

Company

  • About
  • Snyk Impact
  • Customers
  • Jobs at Snyk
  • Snyk for government
  • Legal terms
  • Privacy
  • Press kit
  • Events
  • Security and trust
  • Do not sell my personal information

Connect

  • Book a demo
  • Contact us
  • Support
  • Report a new vuln

Security

  • JavaScript Security
  • Container Security
  • Kubernetes Security
  • Application Security
  • Open Source Security
  • Cloud Security
  • Secure SDLC
  • Cloud Native Security
  • Secure coding
  • Python Code Examples
  • JavaScript Code Examples
Snyk|Open Source Security Platform

Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer's toolkit.

Resources

  • Snyk Learn
  • Blog
  • Security fundamentals
  • Resources for security leaders
  • Documentation
  • Snyk API
  • Disclosed vulnerabilities
  • Open Source Advisor
  • FAQs
  • Website scanner
  • Japanese site
  • Audit services
  • Web stories

Track our development

© 2022 Snyk Limited
Registered in England and Wales
Company number: 09677925
Registered address: Highlands House, Basingstoke Road, Spencers Wood, Reading, Berkshire, RG7 1NT.
Footer Wave Bottom