Container Security : Snyk

Hello DevSecOps experts. In this post we will discuss how we can ensure a container security scan.

Snyk is one of the container scanning tool options. We can sign up with a GitHub or Google account. Snyk operates in three different ways:

- Snyk Web UI
- Snyk CLI
- Snyk Broker

Here we will experiment with the Snyk CLI. It can be downloaded from GitHub; choose the build that matches your platform. I'm going to work

The preferable option is to install the latest stable version of NodeJS, then verify the version of Snyk/cli.

```bash
# Add the NodeSource repository for the current stable NodeJS release
curl -fsSL https://deb.nodesource.com/setup_24.x | sudo -E bash -
# Install NodeJS (root is required, as for the repository setup above)
sudo apt install -y nodejs
node -v                   # Validate NodeJS is installed
npm -v                    # Validate npm is installed
# Install Snyk globally (writes to the system-wide npm prefix, so root is required)
sudo npm install -g snyk
snyk --version            # Validate snyk is installed
```

When you run the above set of commands you will see the following output:

[Figure: snyk installation using npm package manager]

Ignore the npm warn lines which ...
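The `curl ... | sudo -E bash -` step above runs whatever the server returns, as root, without the script ever touching disk. The following is an added example, not part of the original post or of any Snyk or NodeSource tooling: it gates execution of a saved installer on a SHA-256 digest recorded when the script was reviewed. The function names and the stand-in installer file are hypothetical and constructed for the demo.

```shell
#!/usr/bin/env bash
# Added example: run a downloaded installer only if it matches a pinned SHA-256.

# sha256_of FILE -> prints the lowercase hex SHA-256 digest of FILE
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_pinned FILE EXPECTED -> 0 on match, 1 on mismatch, 2 if FILE is unreadable
verify_pinned() {
    local file="$1" expected="$2" actual
    [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }
    actual=$(sha256_of "$file") || return 2
    if [ "$actual" != "$expected" ]; then
        echo "digest mismatch for $file" >&2
        echo "  expected: $expected" >&2
        echo "  actual:   $actual" >&2
        return 1
    fi
}

# run_if_pinned FILE EXPECTED [ARGS...] -> executes FILE with bash only after the check passes
run_if_pinned() {
    local file="$1" expected="$2"
    shift 2
    verify_pinned "$file" "$expected" || return $?
    bash "$file" "$@"
}

# Constructed demo (no network): a stand-in installer is pinned, run, then tampered with.
demo() {
    local dir pinned
    dir=$(mktemp -d)
    printf 'echo installer-ran\n' > "$dir/setup.sh"   # stands in for the saved setup script
    pinned=$(sha256_of "$dir/setup.sh")               # digest recorded at review time
    run_if_pinned "$dir/setup.sh" "$pinned"           # check passes, script runs
    printf 'echo tampered\n' >> "$dir/setup.sh"       # content changes after review
    run_if_pinned "$dir/setup.sh" "$pinned" || echo "blocked (exit $?)"
    rm -rf "$dir"
}

demo
```

In real use, save the script with `curl -fsSL <url> -o setup.sh`, review it, store the digest alongside your provisioning code, and replace `bash` with `sudo -E bash` inside `run_if_pinned`.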