The Red Hat Ecosystem Catalog is the official source for discovering and learning more about the Red Hat Ecosystem of both Red Hat and certified third-party products and services.
We’re the world’s leading provider of enterprise open source solutions—including Linux, cloud, container, and Kubernetes. We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.
Snyk Container provides security and vulnerability detection that guides developers and DevOps to find and fix vulnerabilities in container images throughout the SDLC.
Snyk Container helps developers to build more secure containers. Snyk Container provides security and vulnerability detection that guides developers and DevOps to find and fix vulnerabilities in container images throughout the SDLC. Snyk Container works by detecting and differentiating between vulnerabilities from base images and user instructions to provide actionable remediation advice to remove or reduce risk. Base image identification detects the starting image, finds vulnerabilities, and provides base image recommendations so developers can start from the most secure image, via one-click remediation actions. Snyk Container's clear delineation between base image and user instructions detects vulnerabilities that are introduced by user instructions, and provides clear and actionable remediation advice to developers, while also detecting vulnerabilities introduced by the applications that you've built. Feedback from the Kubernetes integration provides additional context to help prioritize vulnerabilities that are more at risk based on the running context.
Base image detection and advice to find a more secure starting point
Snyk Container detects the base image that you're starting from, detects vulnerabilities, and suggests more secure base images so you can build from a more secure starting place, whether you're basing your containers on 'Docker Official' images or custom/golden base images. Snyk Container also provides one-click PRs, enabling you to automatically make and push changes to your Dockerfiles.
Fix vulnerabilities introduced by user instructions
Snyk Container's base image / user instruction differentiation can identify vulnerabilities that you've introduced via user instructions (Dockerfile commands), and offer fix advice with easy to understand, actionable advice.
Vulnerabilities in your custom applications
Snyk Container also scans for vulnerabilities in the custom applications you build and install in your containers. Not only does this help with development on the desktop, but can also be used as a security gate in your CI/CD pipelines.
Kubernetes integration for added context and prioritization for vulnerabilities
The Snyk Container Kubernetes integration detects numerous misconfigurations in how your pods or containers are being run in production, providing added context to prioritize critical vulnerabilities that pose the most risk, such as running as a privileged pod or the ability to run as root, or without limits on CPU or memory usage.
Monitor for newly discovered vulnerabilities and fixes
New vulnerabilities (and fixes) are discovered every day, so Snyk Container can continually monitor your containers to detect and report on any images that contain newly-discovered vulnerabilities or fixes.