New Innovation from Snyk Puts Container Security in the Hands of Developers – Container Journal

Snyk Container brings a developer-first approach to finding and fixing container and Kubernetes workload vulnerabilities throughout the SDLC

LONDON/BOSTON – 12th November, 2019 – Developer-first security company, Snyk, today announced the availability of Snyk Container, a stand-alone product offering an easy and scalable approach to finding and fixing container vulnerabilities. Snyk Container helps developers deal with the massive volume of vulnerabilities found in container images and Kubernetes workloads by not only identifying the vulnerabilities, but solving the bigger challenge of fast and intelligent remediation. When combined with Snyk Open Source for securing third party application dependencies, Snyk Container provides developers with a complete end-to-end solution for securing each stage of the Software Development Lifecycle (SDLC) from development to production.

“As the adoption of containers continue to skyrocket, our research shows that containers often introduce hundreds of vulnerabilities from open source dependencies and there is no native safeguard in place to find and fix them,” said Guy Podjarny, Co-founder and President, Snyk. “By giving developers the tools they need to both build and run secure containers, including monitoring Kubernetes workloads for vulnerabilities, Snyk Container is helping customers to drastically reduce the risk of growing container infrastructures and scale security best practices.”

Gartner predicts by 2022, more than 75% of global organizations will be running containerized applications in production. With this growth in mind, a top challenge today for security and DevOps teams is managing, prioritizing, and fixing the high volume of container vulnerabilities; while allowing development teams to accelerate to keep up with the demands of software-driven business. Snyk Container is the only SaaS solution designed to help developers and DevOps teams quickly analyze their container images, identify exactly where vulnerabilities are coming from and provide immediate remediation steps to improve overall security posture, as early in the development process as possible.

By integrating directly with developer workflows and existing tools, from source control, to CI/CD, container registries and Kubernetes, Snyk Container is giving developers the tools they need to build and secure containers as they go. Snyk Container helps developers perform regular rapid scans for application and operating systems vulnerabilities and verify Kubernetes workloads are securely configured.

“Container-based toolchains and configurations introduce significant new threat vectors that are not being addressed by traditional IT security organizations,” said James Governor, cofounder of RedMonk. “Snyk’s developer-led approach of shifting security testing left maps to the new roles, responsibilities, and processes of modern container-based application delivery.”

“Snyk offers an easy-to-use SaaS service,” said Jean-Philippe Lachance, Security Analyst at Coveo, a provider of intelligent and predictive search technologies. “We needed a reliable way to validate container images before moving to production, and Snyk is helping us do this in a streamlined and integrated way.”

Snyk is exhibiting at KubeCon North America in San Diego on November 18-21, 2019, and will be revealing the new Snyk Container demo at Booth S15. To learn more and get started now for free visit https://snyk.io.

About Snyk

Snyk is a developer-first security company that helps organizations develop fast and stay secure.  Snyk is the only solution that seamlessly and proactively finds and fixes vulnerabilities and license violations in open source dependencies and container images. Snyk’s solution is built on a comprehensive, proprietary vulnerability database, maintained by an expert security research team in Israel and London. With tight integration into existing developer workflows, source control (including GitHub, Bitbucket, GitLab), and CI/CD pipelines, Snyk enables efficient security workflows and reduces mean-time-to-fix. For more information or to get started with Snyk for free today, visit https://snyk.io.