This guide gives a high level summary of the product, with hands-on activities to help you quickly understand how Snyk works.
What is Snyk?
Let's start with a quick overview of the Snyk solutions which include Snyk Open Source, Snyk Container, and Snyk Intel Vulnerability database.
Snyk Open Source
Snyk Open Source helps development teams automatically find and fix vulnerabilities and license violations in their open source dependencies. It is designed to be developer friendly and to integrate into your existing workflows, providing automated remediation and actionable security insights.
Snyk Container empowers developers to identify the best ways to address container vulnerabilities.
- Base image selection: Snyk Container identifies alternate base image options that can greatly reduce vulnerabilities.
- Container registry integration: Find issues in stored container images and ensure ongoing protection in popular container registries like Docker Hub, AWS ECR, Azure ACR, Google GCR and JFrog Artifactory.
- Kubernetes environments: Detect and scan workloads as they launch or change in Kubernetes clusters. Prioritize issues using pod configuration details that indicate increased risk.
Snyk Intel Vulnerability DB
Snyk’s security database is managed by our own team of expert researchers and analysts, ensuring the database maintains a high level of accuracy with a low false-positive rate.
- Our expert researchers and analysts maintain the data’s high level of accuracy and low false-positive rate.
- All items in the database are analyzed and tested.
- CVSS scores and vectors are assigned to 100% of vulnerabilities.
- The content is hand curated to be as useful and informative as possible to a broad audience, and includes code snippets where applicable.
- The team also invests in proprietary research to discover new vulnerabilities.
Learn more about the data behind Snyk's open source and container solutions.