UPDATED 20:05 EST / MAY 19 2020


Docker partners with Snyk on container image vulnerability scanning

Software container company Docker Inc. said today it’s teaming up with the British cybersecurity startup Snyk Ltd. to provide what it said is the first native vulnerability scanning service for container images.

The companies said they intend to create a more streamlined workflow that will secure the application development process for millions of developers who work with Docker containers. For the first time, developers will have continuous security integrated with their preferred container tools, ensuring greater agility and productivity when creating applications, enabling them to build containerized applications faster and with more confidence, the companies said.

The process of fixing vulnerabilities in container images has always been an extremely cumbersome one that involved adding several steps to the developer workflow. By partnering with Snyk, Docker said, it’s giving developers the ability to automatically find vulnerabilities in open source software libraries and container images.

It’s an important new capability for developers as software containers are increasingly becoming the most preferred environments for modern applications as they abstract away the underlying hardware. As such, developers can build container apps just once and have them run on any kind of computing platform.

The initiative is part of a new strategy outlined by Docker executives earlier this year. Following the sale of its enterprise business to Mirantis Inc. last year, the company has refocused its efforts on providing a much smoother developer experience instead. The company plans to create a fully supported DevOps toolchain for developers working with containers.

The partnership should also be good for Snyk, which has big ambitions after securing a $150 million Series D funding round in January that cemented its “tech unicorn” status with a valuation of more than $1 billion.

Justin Graham, Docker’s vice president of products, said the partnership with Snyk means developers will be able to find and fix vulnerabilities far more easily than before.

“We are giving developers and development teams the peace of mind that container images stored in their Docker Hub repositories are scanned, and vulnerabilities identified and communicated to them, while eliminating extra steps in their application development workflow,” he said.

“This partnership is making security a top priority in the container application development process and setting a new standard for early and continuous application security driven by the development team,” said Aner Mazur, chief product officer at Snyk.

Software containers are nowadays the favorite method of developers to scale workloads, and it’s up to companies such as Docker to make them more productive, Constellation Research Inc. analyst Holger Mueller told SiliconANGLE.

“Docker‘s partnership with Snyk achieves that, so it is a key contribution to make containers more robust for enterprises and help developers build containerized apps,” Mueller said.

The companies said Snyk’s image scanning service will be made available to Docker users in the third quarter of this year.

Image: Docker

Since you’re here …

Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!

Support our mission:    >>>>>>  SUBSCRIBE NOW >>>>>>  to our YouTube channel.

… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.

If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.