Wazuh and Snyk (snyk.io) integration to scan Docker image vulnerabilities.

3 min readMar 27, 2023


Snyk will help you find and automatically fix vulnerabilities in your code, open source dependencies, containers, and infrastructure as code.

In this integration we’ll use Snyk’s CLI to scan for vulnerabilities in the Docker images and all their dependencies.

NOTE: Wazuh can use all the features available in an agent to monitor Docker servers and it can also monitor container activity. With the Snyk integration we aim at finding vulnerable packages included in the Docker images that might put the containerised applications at risk.

Vulnerability Management and NIST 800–53 Security Controls

Snyk CLI

Snyk runs as a single binary, no installation required.

The Linux binary can be found here

This article from Snyk’s documentation explains how to use Snyk’s CLI for Docker security.

The Snyk CLI needs to be initialised before being used. In order to do that, you’ll have to create and register an account in their platform (snyk.io). The registration is free. More details on how to initialise the CLI here

Wazuh Capability




SOCFortress is a SaaS company that unifies Observability, Security Monitoring, Threat Intelligence and Security Orchestration, Automation, and Response (SOAR).