Find, Fix and Monitor for Image Vulnerabilities

Docker images must be considered (and are) Operating Systems with their packages installed. As such, they are subject to vulnerabilities posing risks that must be discovered and promptly fixed when patches and upgrades are made available.

Tools to evaluate:

• Snyk: https://snyk.io/
• Clair: https://github.com/quay/clair

Scheduled (Monthly) Patching

Back to the Docker guide.