Set up Insights: Image scanning

The Insights feature is available only with Snyk AppRisk Pro.

To determine the risk factors and prioritize your Code, Open Source, and Container issues, you must scan your container images using Snyk Container.

The container image is at the center of the application model that powers Snyk AppRisk. A container image includes your source code and dependencies, and it is deployed to your running environment, enabling Snyk AppRisk to use the container image to bridge the development and deployment states. Snyk AppRisk will identify any deployed container images using the Kubernetes Connector and compare the deployed container images to the list of scanned images you have scanned using Snyk Container.

Snyk recommends that you scan each image using at least one of the Snyk Container integrations.

Snyk Container scanning with the CLI

To ensure the image names match, specify the full name of the image as referenced in your Kubernetes deployment.

Example:

snyk container monitor gcr.io/my-company/my-image:latest

For details, see Snyk CLI for container security.

Snyk Container registry scanning

The names will match if you are importing images to Snyk from the same container registry that you are referencing in your Kubernetes deployments.

For details, see Snyk Container - Integrations.

Snyk Container scanning with Kubernetes integration

The names of the container images will match because the deployed image is scanned by Snyk and created as a Project.

To ensure you have set up your Kubernetes Connector properly, navigate to the Set up Insights tab on the Issues page and check the Image coverage section to view the data Insights has access to.

For details, see Kubernetes integration.

Last updated

More information

Snyk privacy policy

© 2024 Snyk Limited | All product and company names and logos are trademarks of their respective owners.