# [HIGH] Container vulnerability management for developers

**Source:** Snyk
**Published:** 2018-06-28
**Article:** https://snyk.io/blog/container-vulnerability-management-for-developers/

## Threat Profile

Snyk Blog In this article
Written by Aner Mazur 
June 28, 2018
0 mins read Today Snyk released a container vulnerability management solution which empowers developers to fully own the security of their Dockerized application!
Containers are becoming the standard form in which applications are packaged and executed, so the need to protect not only the application itself but the entire container against open source vulnerabilities is growing. Snyk, being committed to helping developers secure thei…

## Indicators of Compromise (high-fidelity only)

- **CVE:** `CVE-2018-0495`

## MITRE ATT&CK Techniques

- **T1190** — Exploit Public-Facing Application

## Kill chain phases observed

_(none detected from narrative keywords)_

## Recommended hunts

### IOC-driven hunts (use shared templates)

These are standard IOC-substitution hunts — the canonical SPL and KQL live once in [`_TEMPLATES.md`](../_TEMPLATES.md), so we don't repeat the same boilerplate on every CVE / hash / network-IOC briefing.

- **Asset exposure — vulnerability matches article CVE(s)** ([template](../_TEMPLATES.md#asset-exposure)) — phase: **recon**, confidence: **High**
  - CVE(s): `CVE-2018-0495`


## Why this matters

Severity classified as **HIGH** based on: CVE present, 1 use case(s) fired, 1 technique(s) inferred. Read the full article for actor attribution, tooling details, and any defanged IOCs in the body that aren't visible in the RSS summary.