Cloud native application security leader, Snyk today announced the next phase of its Docker partnership naming Snyk as the exclusive provider of security insights for Docker Official Images and other future content certification programs.
Docker Official Images are highly popular with the Docker developer community, accounting for 25% of all images downloaded from the Docker Hub. This curated collection of images is designed to promote the development standards of clarity, transparency and consistency, making it a common starting point for a wide range of applications. Rather than creating their container components, developers regularly choose from Docker’s 166 available Official Images, as layers that make up their containers. Adding Snyk security insight to the Official Images, enables vulnerability risk assessment as a step in the Official and Certified Images selection process.
Combining Official Images vulnerability insights, with Snyk scanning recently integrated into the Docker Desktop and Docker Hub, developers can now incorporate vulnerability assessment along each step of the container development and deployment process. Integrating vulnerability insights directly into developer platforms, shifts security testing left and streamlines the process of deploying secure applications.
In a joint talk at Snyk’s virtual conference SnykCon 2020, Snyk CEO Peter McKay and Docker CEO Scott Johnston, presented this next phase of the partnership.
“Developers build from Docker’s Official Images because they want the assurance of knowing the images are up-to-date and are well maintained,” said Docker CEO Scott Johnston. “With Snyk security insights for Docker Official Images, simplified workflows designed for developer-first security is now a foundational part of a developer’s toolbox to seamlessly create and ship more applications with confidence.”
“While containers deliver scalability and agility, they create new security challenges that can’t be addressed with traditional solutions, especially ones that don’t naturally fit into the developer workflow,” said Peter McKay, Snyk CEO. “Recent Snyk research shows that only 41% of application development teams are scanning all of their containers for vulnerabilities. Embedding Snyk’s developer-first security into Docker images delivers robust, end-to-end security to millions of developers.”
Docker simplifies the lives of developers who are making world-changing apps by conquering the complexity of app development. For millions of developers, Docker is the de facto standard to build, share and run containerized apps – from desktop to the cloud. Today the popularity of Docker continues unabated. There are over 3 million Docker Desktop installations, 7+ million repositories, and 7+ million Docker Hub users, with total cumulative pulls of images from Docker Hub reaching 242 billion in July, doubling the number pulls in a little over six months.
Availability
Snyk integration with Docker Official Images and Verified Publisher program is expected later this year. Snyk security scans will be applied to every new Official and Certified image uploaded to Docker Hub so developers will be able to scan and see vulnerabilities in container images.
Additional Resources
- Get started with Snyk for free at snyk.io with extra scans available to Docker users.
- Sign up for a free Docker Hub account: https://hub.docker.com/
About Snyk
Snyk, the cloud native application security leader, has a vision to empower every software developer in the world to develop fast and stay secure. Only Snyk provides a platform to secure all of the critical components of today’s cloud native application development including the code, open source libraries, container infrastructure and infrastructure as code. Snyk’s developer-first approach enables technology-driven companies to scale security in today’s fast-paced digitally transforming world. Snyk’s security platform is powered by its industry-leading proprietary vulnerability database, maintained by the expert Snyk security research team, that also powers security solutions from strategic partners such as Datadog, Docker, IBM Cloud, Rapid7, Red Hat and Trend Micro. The company works with global customers of all sizes to empower developers to automatically integrate security throughout their existing workflows.
Named to the 2020 Forbes Cloud 100, the definitive ranking of the top 100 private cloud companies in the world, Snyk was also recently recognized by Comparably as the #3 small-to-medium business for Happiest Employees in 2020.
For more information and to get started with Snyk for free today, visit https://snyk.io.
About Docker
Docker makes it easier for developers and their teams to build and share modern applications that can run anywhere – on-premises, hybrid or multi-cloud. Actively used by millions of developers around the world, Docker provides unmatched simplicity, flexibility and choice for building modern applications. Docker delivers the best experience for developer workflows consisting of containers, microservices/serverless functions, cloud services and beyond. For more information, visit www.docker.com.
Snyk State of Open Source Security 2020
SOURCE Snyk