Overview

This episode is a show and tell on running vulnerability scans on docker images on a local machine using Snyk and Docker and extracting the results using Security Analysis Results Interchange Format (SARIF). This episode shows a scenario where docker images are built using a base image with known vulnerabilities and rectifying the findings by a version upgrade.