Application and Infrastructure Code Security

4. Docker Image Scanning with Snyk and GitHub Actions

Overview

This episode is a show and tell on running vulnerability scans on Docker images using Snyk and GitHub Actions, and on exporting the results in Static Analysis Results Interchange Format (SARIF) so they can be uploaded to GitHub code scanning.

The scenario walks through building a Docker image from a base image with known vulnerabilities, reviewing the Snyk findings, and then remediating them by upgrading the base image to a fixed version.
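As an added illustration (not part of the episode's own material), the workflow below wires the scenario together: it builds the image, scans it with the snyk/actions/docker action, uploads the SARIF output to GitHub code scanning, and only then fails the job on high-severity findings. The image name, Dockerfile path and the `SNYK_TOKEN` secret name are assumptions.

```yaml
# Added example workflow: build -> Snyk scan -> upload SARIF -> gate.
name: container-scan

on:
  push:
    branches: [main]
  pull_request:

permissions:
  contents: read
  security-events: write   # required for upload-sarif

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      # Assumed image name and Dockerfile location.
      - name: Build image
        run: docker build -t example-app:${{ github.sha }} -f Dockerfile .

      # The Snyk action writes snyk.sarif by default; continue-on-error
      # keeps the job alive so the SARIF is still uploaded when issues
      # are found (the action exits non-zero on findings).
      - name: Scan image with Snyk
        uses: snyk/actions/docker@master
        continue-on-error: true
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}   # assumed secret name
        with:
          image: example-app:${{ github.sha }}
          args: --file=Dockerfile --severity-threshold=high

      - name: Upload SARIF to GitHub code scanning
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: snyk.sarif

      # Re-run the gate after the upload so findings are visible in the
      # Security tab even when the build is blocked.
      - name: Fail on high-severity findings
        uses: snyk/actions/docker@master
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
        with:
          image: example-app:${{ github.sha }}
          args: --file=Dockerfile --severity-threshold=high
```

Passing `--file=Dockerfile` lets Snyk attribute findings to the base image line, which is what makes the base-image version upgrade in this episode the obvious fix.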

References

https://github.com/snyk/actions
https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github
