Snyk is now checking Docker Official Images for security holes - helping protect sysadmins who grab container images for production without checking them for vulnerabilities first.
I love containers. You love containers. We all love containers. But our love for them blinds to us to the fact that we often don't really know what's running within them. In 2019, Snyk, an open-source security company, found that the "top 10 most popular Docker images each contain at least 30 vulnerabilities."
Ouch.
Snyk wasn't talking about security problems with container technology itself. Those problems, like 2019's runc security hole, the Docker and Kubernetes container runtime, do exist, and they're serious. But far more common are insecure applications within containers.
Now, Snyk and Docker are partnering up to find and eliminate security problems in the Docker Official Images.