OpsCanary
Learn/DevSecOps/Vulnerability Scanning
DevSecOps

Vulnerability Scanning

5 articles from official documentation

Practitioner5 articles
securityscanningPractitioner

Snyk Open Source: Elevate Your Vulnerability Management Game

Snyk Open Source empowers developers to tackle vulnerabilities in open-source libraries head-on. With actionable fix advice and integration into your workflows, it streamlines the security process throughout the software development lifecycle.

  • Leverage Snyk Open Source to find and fix vulnerabilities in your open-source libraries.
  • Utilize actionable fix advice to streamline remediation efforts.
5 min read·Official Docs
Read article
securityscanningPractitioner

Securing Cloud Infrastructure with Snyk IaC: A Practical Approach

In today's cloud-first world, misconfigurations can lead to severe security vulnerabilities. Snyk IaC allows you to secure configurations for tools like HashiCorp Terraform and AWS CloudFormation, ensuring your infrastructure is safe before it even reaches production.

  • Utilize Snyk IaC to secure configurations for HashiCorp Terraform and AWS CloudFormation.
  • Integrate Snyk IaC into your IDE, SCM, CLI, and Terraform Cloud/Enterprise workflows for seamless security checks.
5 min read·Official Docs
Read article
securityscanningPractitioner

Securing Your Containers: The Power of Snyk Container Scanning

Container security is non-negotiable in today's DevOps landscape. Snyk Container empowers you to find and fix vulnerabilities in your container images, ensuring security is baked in from the start. Discover how this tool can streamline your security workflow.

  • Utilize Snyk Container to identify vulnerabilities in your container images early.
  • Integrate Snyk Container into your CI/CD pipeline for continuous security monitoring.
5 min read·Official Docs
Read article
securityscanningPractitioner

Filesystem Scanning: Uncovering Vulnerabilities and Secrets with Trivy

In today's security landscape, scanning your filesystem for vulnerabilities and secrets is non-negotiable. Trivy makes this process straightforward, enabling you to identify issues based on lock files like Gemfile.lock and package-lock.json. But are you leveraging all its capabilities effectively?

  • Enable misconfiguration scanning with `--scanners misconfig` to catch potential issues.
  • Use `$trivy fs/path/to/project` to initiate a full filesystem scan.
5 min read·Official Docs
Read article
securityscanningPractitioner

Mastering Container Image Scanning with Trivy

Container image security is non-negotiable in today's DevOps landscape. Trivy stands out by detecting vulnerabilities, misconfigurations, and secrets in your images with ease. Learn how to leverage its capabilities effectively.

  • Detect known vulnerabilities in your container images using Trivy.
  • Enable misconfiguration scanning with the `--image-config-scanners` flag.
5 min read·Official Docs
Read article
DigitalOceanSponsor

Simple, affordable cloud — VMs, Kubernetes, and managed databases in minutes. Trusted by 600,000+ developers. Spin up a Droplet in 60 seconds.

Try DigitalOcean →

Get the daily digest

One email. 5 articles. Every morning.

No spam. Unsubscribe anytime.

Back to DevSecOps