Getting started with Snyk Container
Get started with Snyk Container to help you find and fix vulnerabilities in container images.
This process uses the Snyk Web UI. For details of Snyk Container using the Snyk CLI (Command-Line Interface) tool, see Snyk CLI for container security.

Prerequisites

Ensure you have:

Stage 1: Add container registry integration

Choose a container registry integration, to connect the registry with Snyk.
First, log in to the Snyk Web UI, and select Integrations > Container registries
Example URL: https://app.snyk.io/org/organization-name-tsd/integrations
Next, click the entry you want to integrate with Snyk, and enter details as prompted, then save the changes, to integrate this entry with Snyk.

Stage 2: Add projects

Add projects for your selected container, to start scanning with Snyk.
Example URL: https://app.snyk.io/org/organization-name-tsd/manage/integrations/docker-hub
  1. 1.
    Click Add Project, and select the integration registry entry to add from:
  2. 2.
    Select the container repository and tags to import, then click Add selected repositories to import them into your projects. Importing also sets Snyk to run a daily check on repositories for vulnerabilities.
  3. 3.
    A progress bar appears: click View log to see log results.
If you encounter any errors during import, see the Importing projects information.

Stage 3: View vulnerabilities

You can now see vulnerability results for imported projects.
Select Projects, then click on the imported project entry under its registry record, to see vulnerability information for that project.
Here you can see a summary of the severity of the detected vulnerabilities.
Click on an entry to see details of vulnerabilities found:
Example URL: https://app.snyk.io/org/organization-name-tsd/project/abc-123

Stage 4: Fix and review

  1. 1.
    Fix issues found, based on Snyk recommendations
  2. 2.
    Rebuild your image
  3. 3.
    Snyk will automatically rescan your new image after it is pushed