Developer-first security company,
Snyk, announced the
availability of Snyk Container, a stand-alone product offering an easy and
scalable approach to finding and fixing container vulnerabilities. Snyk
Container helps developers deal with the massive volume of vulnerabilities
found in container images and Kubernetes workloads by not only identifying the
vulnerabilities, but solving the bigger challenge of fast and intelligent
remediation. When combined with Snyk Open Source for securing third party
application dependencies, Snyk Container provides developers with a complete
end-to-end solution for securing each stage of the Software Development
Lifecycle (SDLC) from development to production.
"As the adoption of containers continue to skyrocket, our research shows that containers often
introduce hundreds of vulnerabilities from open source dependencies and there
is no native safeguard in place to find and fix them," said Guy Podjarny,
Co-founder and President, Snyk. "By giving developers the tools they need to both
build and run secure containers, including monitoring Kubernetes workloads for
vulnerabilities, Snyk Container is helping customers to drastically reduce the
risk of growing container infrastructures and scale security best
practices."
Gartner predicts by 2022, more than 75% of global organizations
will be running containerized applications in production. With this growth in
mind, a top challenge today for security and DevOps teams is managing,
prioritizing, and fixing the high volume of container vulnerabilities; while
allowing development teams to accelerate to keep up with the demands of
software-driven business. Snyk Container is the only SaaS solution designed to
help developers and DevOps teams quickly analyze their container images,
identify exactly where vulnerabilities are coming from and provide immediate
remediation steps to improve overall security posture, as early in the
development process as possible.
By integrating directly with developer workflows and existing
tools, from source control, to CI/CD, container registries and Kubernetes, Snyk
Container is giving developers the tools they need to build and secure
containers as they go. Snyk Container helps developers perform regular rapid
scans for application and operating systems vulnerabilities and verify
Kubernetes workloads are securely configured.
"Container-based toolchains and configurations introduce
significant new threat vectors that are not being addressed by traditional IT
security organizations," said James Governor, cofounder of RedMonk. "Snyk's
developer-led approach of shifting security testing left maps to the new roles,
responsibilities, and processes of modern container-based application
delivery."
"Snyk offers an easy-to-use SaaS service," said
Jean-Philippe Lachance, Security Analyst at Coveo, a provider of intelligent
and predictive search technologies. "We needed a reliable way to validate
container images before moving to production, and Snyk is helping us do this in
a streamlined and integrated way."
Snyk is exhibiting at
KubeCon North America in San Diego on November 18-21, 2019, and will be
revealing the new Snyk Container demo at Booth S15. To learn more and get
started now for free visit
https://snyk.io.