Scanning your images to verify that they are free of known vulnerabilities or exposures to enhance your security posture.

Snyk integrates with many different systems to offer a centralized security console. In this article we will first use Snyk

Assumption

  • Azure Container Registry (ACR) already exists
  • Admin user in your ACR is enabled and you have the credentials to connect to the registry
  • You already have a SNYK account (if not then create one at this address https://app.snyk.io/signup
  • Your images are pushed to the ACR. As a reminder, in order to push your images to ACR, use the following commands

Configure SNYK to integrate with your ACR

1. Go to Settings > Integrations then click on Edit settings for ACR

Configure SNYK to integrate with your ACR2. Enter the required information to connect to your ACR (information available in Settings > Access Keys of your ACR on the Azure portal)

Settings > Access Keys

3. Click on Save

Select the images to scan

Now that the integration with your ACR is done, you can add the images you need to scan

1. Click on Add your ACR images to Snyk

Click on Add your ACR images to Snyk

2. Select the image(s) you want to add and click on Add selected repositories

Add selected repositories

Once added, Snyk will start scanning your image(s), which might take a bit of time.

VSAN from StarWind eliminates any need for physical shared storage just by mirroring internal flash and storage resources between hypervisor servers. Furthermore, the solution can be run on the off-the-shelf hardware. Such design allows VSAN from StarWind to not only achieve high performance and efficient hardware utilization but also reduce operational and capital expenses.

Learn more about ➡ VSAN from StarWind

Dashboard

Once the image(s) has been added to Snyk, you can navigate to the dashboard to see the reports and the vulnerabilities found.

Navigate to the dashboard

Click on a specific image to see all the details

Arbitrarry Code Injection

Views All Time
9
Views Today
21
Appreciate how useful this article was to you?
No Ratings Yet
Loading...
Back to blog
The following two tabs change content below.
Benoit Voirin
Benoit Voirin
Benoit Voirin is a freelance Cyber Security consultant with 10 years of experience in Cyber Strategy, infrastructure project management and IT System Engineering. Benoit has a wild range of skills in cyber security strategy and technical domains gained by working on vast and challenging projects in multiple domains and sectors. He is certified ISO 27001 Lead Implementer, Cloud Security Knowledge (from Cloud Security Alliance), Prince 2 and ITIL.