Snyk Documentation

Snyk UI—analysis and remediation

Once you run snyk test at least once, run snyk monitor from the CLI. Alternatively, integrate with Docker Hub from the UI and select to import your projects to import and then monitor from the Snyk UI.

We then scan your project, testing for vulnerabilities, and import a snapshot of your projects.

From the Projects page, if the project is imported from Docker Hub then it is marked with a Docker Hub icon; if it is imported from the CLI, then similarly it is marked with a CLI icon.

You can filter for all container projectsn, similar to the following example:

When you open any container project, the resulting analysis and remediation advice are displayed from the Snyk UI similar to the following:

The following information is displayed:

  • Project summary, displays general project details, including these unique details:
    • Image ID
    • Image tag
    • Base Image
    • Total dependencies with known vulnerabilities, and the total number of vulnerabilities
  • Remediation advice—if you included your Dockerfile for monitoring, then any available actionable remediation advice is displayed. To view all advice, click the Show more upgrade types link. The advice offered is dependent on available remediation, and appears similar to the following image:

    • Upgrade suggestions can include:
      • Minor upgrades—the safest and best minor upgrade available
      • Major upgrades—an option for a major upgrade which will reduce more vulnerabilities but with greater risk
      • Alternative upgrades—viable alternative image options for replacing your current base image with other, different base images that provide the least amount of vulnerabilities possible.
      • If your base image is outdated, Snyk also recommends rebuilding your image.
    • Upgrade recommendations include these details:
      • the name of the recommended base image version
      • the number of vulnerabilities existent in the recommended upgrade
      • a summary of the vulnerability severities accordingly.
  • Filters—in addition to the other filters available for all supported project types, when you view a container project, you can also filter by a specific binary or by OS packages (for binaries/packages containing issues)
    Note: if there is only one category of issue in your container, such as Node binary vulnerabilities only or OS packages only, this filter does not appear.
  • Issues tab—List of vulnerabilities, including origins, paths, and an overview of the vulnerability
  • Dependencies tab—a tree view of package hierarchy inside the image