Synk Container RHM logo
Synk Container RHM logo

Snyk Container

By Snyk

Certified enterprise ready

Use Snyk Container to empower developers to easily build, share and use secure containers and automatically fix vulnerabilities throughout the SDLC, including Kubernetes clusters.

*Requires OpenShift to install

Software version

1.25.0

Rating

4 reviews

Developers are pulling in vast amounts of open source dependencies without any security control or visibility. Developers are the ones choosing the open source libraries and implementing fixes. The only way to scale security is to empower them to implement it efficiently. Snyk Container detect container vulnerabilities throughout the SDLC: from the image creation in the IDE and registry, through to the CICD pipeline, and all the way to monitoring Kubernetes and OpenShift clusters.

Vulnerability detection across the SDLC

Shift security to the left and test images locally with the Snyk CLI. Fix images and kubernetes configuration automatically, directly in source control. Integrate security directly into your pipeline. Use policies to break the build when you discover high severity vulnerabilities. Scan the images in your registries. Scan your clusters to detect vulnerable images and insecure configuration.

Fix recommendations to reduce time-to-fix

In-line fixes: Get straight to the version of the package that fixes the vulnerability. Image remediation: Scale the security process to quickly eliminate vulnerabilities by upgrading to the most secure base image or by rebuilding the image when outdated. Automated fix pull request: automate the base image upgrade process in your git with a fix pull request directly in the Docker-file.

Monitor continuously to protect after deployment

Image monitoring: Monitor your images for newly discovered vulnerabilities and receive alerts via Slack, Jira or email. Kubernetes configuration advice: Find and fix settings in Kubernetes that could expose your cluster to additional attacks and privilege escalations. Combine this information

Additional resources

Want more product information? Explore detailed information about using this product and where to find additional help.

Reviews

Read what others are saying about this product in our review section.

  • Oskar L.

    Oskar L.

    React Native Developer at Rakuten Kobo Inc.

    Verified Current User
    Review source: Organic
    Verified Current User
    Review source: Organic
    (0)Mar 16, 2019

    "Security with Ease"

    What do you like best?

    The best feature of Snyk is that their bot can provide you with a PR on Github with all the security fixes. You just review and click merge. Security can sometimes be easy! I also like to be reminded through mail if I have any issues or if everything is fine. It's easy to maintain through the site.

    What do you dislike?

    The UI would need a little bit love, especially on mobile web, but other than that the service works as I expect it.

    Recommendations to others considering the product:

    As long as your code is publicly available you should definitely use Snyk to have a friend checking up on you. It's like taking your code to the doctor.

    What problems are you solving with the product? What benefits have you realized?

    Maintaining Javascript projects on Github and making sure the security is up to date.

  • A

    Anonymous

    Verified Current User
    Review source: Organic
    Verified Current User
    Review source: Organic
    (0)Feb 27, 2019

    "Effective, targeted product - does its job well"

    What do you like best?

    Ease of automation - can do through command line or integration with version control system

    What do you dislike?

    Nothing really, other than knowing how many vulnerabilities are out there!

    What problems are you solving with the product? What benefits have you realized?

    Allows us to leverage open-source while minimizing security concerns - especially important when dealing with enterprise clients and data.

  • WB

    Window B.

    Review source: Invitation from G2
    Review source: Invitation from G2
    (0)Feb 22, 2019

    "Great for stopping vulnerabilities before they get merged."

    What do you like best?

    Multiple language support, rejection of pull requests with recommendations to fix.

    What do you dislike?

    Not much. Now that PHP is supported, it covers all languages we use.

    What problems are you solving with the product? What benefits have you realized?

    Simplified management and reduction of vulnerabilities introduced in custom and third party code.

  • A

    Anonymous

    Review source: Invitation from G2
    Review source: Invitation from G2
    (0)Jun 29, 2018

    "Fantastic, just wish it supported PHP"

    What do you like best?

    GitLab and GitHub integration, rejects pull/merge requests if vulnerable code introduced, recommends remediation steps.

    What do you dislike?

    Wish it supported PHP like it does JavaScript. With that, entire codebase would be supported.

    Recommendations to others considering the product:

    If you use GitHub or GitLab repos, look into it.

    What problems are you solving with the product? What benefits have you realized?

    See "what do you like best." Prevents insecure code from being merged.