...
Also, docker container vulnerability management is available on paid plans.
...
snyk vs Sonatype Nexus IQ comparison
ONAP uses Sonatype Nexus IQ Server for security and licensing vulnerabilities checks, so to get started I just did a straight comparison on the DMaaP Data Router project.
...
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14335
CVE - CVE-2018-14335 |
To hook snyk.io into Jenkins CI seems pretty straight forward. Just set the SNYK_TOKEN for the account in use. This would prob be an org level TOKEN.
...