Docker and Snyk Announce Partnership to Streamline Container Vulnerability Scanning for Developers


Millions of developers to benefit from Snyk's vulnerability scanning natively integrated into the Docker workflow for faster and more secure application development

PALO ALTO, Calif., May 19, 2020 (GLOBE NEWSWIRE) -- Docker today announced that it has partnered with Snyk to deliver the first, native vulnerability scanning of container images in Docker. Together, Docker and Snyk will provide a streamlined workflow that makes the application development process more secure for millions of developers, allowing them to more quickly and confidently build secure applications as an automated part of their toolchain.

Traditionally, if and when a developer working with Docker discovered vulnerabilities, they had to add several separate steps to their workflow to scan container images, identify a fix and remediate effectively. Snyk’s developer-first approach to security empowers developers with visibility to automatically find vulnerabilities in open source libraries and container images.

With the addition of Snyk’s container image scanning and vulnerability database natively integrated into Docker, developers will have continuous security insight embedded into their inner-loop development process. This integrated approach gives developers an easy and efficient way to build and secure containers in an agile and productive application development workflow.

“The addition of scanning images in Docker through the new integration with Snyk means that developers are more easily able to find and fix vulnerabilities throughout the development process,” said Justin Graham, vice president of Products, Docker. “We are giving developers and development teams the peace of mind that container images stored in their Docker Hub repositories are scanned, and vulnerabilities identified and communicated to them, while eliminating extra steps in their application development workflow.”

"We are excited to partner with Docker to provide a streamlined workflow that brings automation and efficiency to building secure cloud-native applications for millions of developers," said Aner Mazur, chief product officer, Snyk. "This partnership is making security a top priority in the container application development process and setting a new standard for early and continuous application security driven by the development team."

Availability

Image scanning from Snyk will be generally available for Docker users in the third quarter of 2020.

Additional Resources

About Snyk
Snyk is a developer-first security company that helps software-driven businesses develop fast and stay secure. Snyk is the only solution that seamlessly and proactively finds and fixes vulnerabilities and license violations in open source dependencies and container images. Snyk's solution is built on a comprehensive, proprietary vulnerability database, maintained by an expert security research team in Israel and London. With tight integration into existing developer workflows, source control (including GitHub, Bitbucket, GitLab), and CI/CD pipelines, Snyk enables efficient security workflows and reduces mean-time-to-fix. For more information or to get started with Snyk for free today, visit https://snyk.io.

About Docker
Docker makes it easier for developers and their teams to build and share modern applications that can run anywhere – on-premises, hybrid or multi-cloud. Actively used by millions of developers around the world, Docker provides unmatched simplicity, flexibility and choice for building modern applications. Docker delivers the best experience for developer workflows consisting of containers, microservices/serverless functions, cloud services and beyond. For more information, visit www.docker.com.

Media Contact
Michelle Lazzar
Docker Communications
press@docker.com
(415) 941-0376