Monitoring and Reporting
Snyk's monitoring capabilities provide ongoing visibility into container security:
```bash
# Monitor an image for ongoing vulnerabilities
snyk container monitor myapp:latest --project-name="Production App"

# Set up monitoring with tags
snyk container monitor myapp:latest \
  --project-tags="team=backend,env=prod,app=api"

# Create snapshot for compliance
snyk container test myapp:latest --json > compliance-snapshot.json

# Generate SBOM (Software Bill of Materials) in CycloneDX format
snyk container sbom myapp:latest --format=cyclonedx1.4+json
```
Automated reporting through Snyk's API:
```python
import os

import requests

# Snyk API configuration: read the token from the environment, never hard-code it
API_TOKEN = os.environ['SNYK_TOKEN']
ORG_ID = 'your-org-id'
BASE_URL = 'https://api.snyk.io/v1'

headers = {
    'Authorization': f'token {API_TOKEN}',
    'Content-Type': 'application/json'
}

# Get all container projects
response = requests.get(
    f'{BASE_URL}/org/{ORG_ID}/projects',
    headers=headers,
    params={'type': 'container'},
    timeout=30
)
response.raise_for_status()  # stop on authentication or permission errors
projects = response.json()['projects']

# Generate vulnerability report
for project in projects:
    issues_response = requests.get(
        f'{BASE_URL}/org/{ORG_ID}/project/{project["id"]}/issues',
        headers=headers,
        timeout=30
    )
    issues_response.raise_for_status()
    issues = issues_response.json()

    print(f"\nProject: {project['name']}")
    print(f"Critical: {issues['issueCountsBySeverity']['critical']}")
    print(f"High: {issues['issueCountsBySeverity']['high']}")
```
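An added example, not part of the original page: it summarizes the `compliance-snapshot.json` written by `snyk container test --json` above, counting each issue once even when it is listed under several dependency paths, and returns a pass/fail result for critical and high findings. The JSON field names (`vulnerabilities`, `id`, `severity`, `packageName`, `version`, `nearestFixedInVersion`) and the sample data are assumptions constructed for illustration; `summarize` and `gate` are hypothetical helper names.

```python
import json
from collections import Counter

SEVERITIES = ("critical", "high", "medium", "low")

# Constructed sample; field names are an assumed shape of `snyk container test --json`.
SAMPLE_SNAPSHOT = json.dumps({"path": "myapp:latest", "vulnerabilities": [
    {"id": "SNYK-EXAMPLE-0001", "severity": "critical", "packageName": "openssl",
     "version": "1.1.1k", "nearestFixedInVersion": "1.1.1n",
     "from": ["myapp@latest", "openssl@1.1.1k"]},
    # Same issue reached through a second dependency path: must be counted once.
    {"id": "SNYK-EXAMPLE-0001", "severity": "critical", "packageName": "openssl",
     "version": "1.1.1k", "nearestFixedInVersion": "1.1.1n",
     "from": ["myapp@latest", "curl@7.74.0", "openssl@1.1.1k"]},
    {"id": "SNYK-EXAMPLE-0002", "severity": "high", "packageName": "zlib",
     "version": "1.2.11", "from": ["myapp@latest", "zlib@1.2.11"]},
    {"id": "SNYK-EXAMPLE-0003", "severity": "low", "packageName": "tar",
     "version": "1.34", "nearestFixedInVersion": "", "from": ["myapp@latest", "tar@1.34"]},
]})


def summarize(snapshot_text):
    """Count unique issues per severity and how many have a fixed version available."""
    data = json.loads(snapshot_text)
    results = data if isinstance(data, list) else [data]  # tolerate a list of results
    seen, totals, fixable = set(), Counter(), Counter()
    for result in results:
        for vuln in result.get("vulnerabilities", []):
            key = (vuln["id"], vuln["packageName"], vuln["version"])
            if key in seen:  # duplicate entry for another dependency path
                continue
            seen.add(key)
            totals[vuln["severity"]] += 1
            if vuln.get("nearestFixedInVersion"):
                fixable[vuln["severity"]] += 1
    return {s: {"total": totals[s], "fixable": fixable[s]} for s in SEVERITIES}


def gate(summary, blocking=("critical", "high")):
    """Return True only when no issue of a blocking severity is present."""
    return not any(summary[s]["total"] for s in blocking)


if __name__ == "__main__":
    report = summarize(SAMPLE_SNAPSHOT)
    for severity in SEVERITIES:
        print(f"{severity:>8}: {report[severity]}")
    print("gate passed:", gate(report))
```

To run it against a real snapshot, pass the file contents to `summarize` and adjust the field names if the output of your CLI version differs.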