Snyk

Snyk is a platform that helps developers find and fix vulnerabilities in their open-source dependencies and container images. It scans a project's dependencies and image layers against its vulnerability database and alerts on any known security vulnerabilities it finds.

Usage of Snyk in Delivery Shield

  • Delivery Shield mandates a Snyk security scan for every image. It queries Snyk to check whether the required version of the image has been scanned; if it has not, Delivery Shield raises a security issue.

  • Once the Snyk scan has completed, Delivery Shield pulls the container security scan results from Snyk. This data is used to calculate the overall security status of the images and the application, and to generate alerts and remediation.

  • The scan results fetched by Delivery Shield will be displayed in the Vulnerability Management page, Artifact section of the DBOM and View Open Security Issues page.

To Integrate Snyk:

  1. Navigate to Setup > Integrations.

  2. In the Source panel, click Snyk.

You can use the toggle button provided below the integration tile to enable or disable it as needed.

  3. The Snyk integration page is displayed. Enter the values for the fields as described below:

    1. Enter the Snyk Org Id.

    2. Select the Mode: Local or Cloud.

      1. If Local Mode is selected, Snyk is run as a CLI tool.

      2. If Cloud Mode is selected, the SaaS version of Snyk is used.

    3. Enter the token for your Snyk account in the Token field. (See Generating API Token for details on how to generate an API token.)

    4. If you selected Cloud Mode, you can enable or disable the SaaS scan.

  4. Click Save. The Snyk account is integrated in the artifact stage.

  5. To change the entered values, click Edit, enter the new values and click Update. The new values are saved.
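The following is an added example, not Delivery Shield's or Snyk's own code, of what Local Mode and the Usage section above describe: a Snyk container scan run through the Snyk CLI with the Org Id and API token configured above, and the CLI's JSON report reduced to the kind of per-severity status and remediation list that Delivery Shield derives from scan results. It assumes the `snyk` CLI is on PATH and that the token and Org Id are supplied in the `SNYK_TOKEN` and `SNYK_ORG_ID` environment variables; `SAMPLE_RESULT`, the `IMAGE` variable and the `fail_on` threshold are constructed for this example.

```python
"""Added example (not Delivery Shield's or Snyk's own code): run a Snyk
container scan the way Local Mode does (the Snyk CLI) and reduce its JSON
report to a per-severity status. Assumes the `snyk` CLI is on PATH and that
SNYK_TOKEN and SNYK_ORG_ID are set; SAMPLE_RESULT below is constructed data."""
import json
import os
import shutil
import subprocess
from collections import Counter

SEVERITY_ORDER = ("critical", "high", "medium", "low")


def snyk_container_test_cmd(image, org_id):
    """Command for a local-mode scan. The API token is deliberately not an
    argument: the CLI reads it from SNYK_TOKEN, which keeps it out of process
    listings and shell history."""
    return ["snyk", "container", "test", image, f"--org={org_id}", "--json"]


def run_local_scan(image):
    """Run the CLI and parse its JSON report. Exit code 1 means 'vulnerabilities
    found' and is a valid result; 2 (CLI failure) and 3 (no supported target)
    are errors, so the scan is not silently treated as clean."""
    if "SNYK_TOKEN" not in os.environ:
        raise RuntimeError("SNYK_TOKEN is not set (see 'Generating API Token')")
    if shutil.which("snyk") is None:
        raise RuntimeError("snyk CLI not found on PATH; Local Mode requires it")
    cmd = snyk_container_test_cmd(image, os.environ["SNYK_ORG_ID"])
    proc = subprocess.run(cmd, capture_output=True, text=True, check=False)
    if proc.returncode not in (0, 1):
        raise RuntimeError(f"snyk exited {proc.returncode}: {proc.stderr.strip()}")
    return json.loads(proc.stdout)


def summarize(result, fail_on="high"):
    """Count findings per severity and decide an overall status: FAIL if any
    finding is at or above `fail_on`, else PASS. Findings with a known fixed
    version are listed separately, since those are what a remediation alert
    can act on."""
    vulns = result.get("vulnerabilities", [])
    counts = Counter(v.get("severity", "low") for v in vulns)
    blocking = SEVERITY_ORDER[: SEVERITY_ORDER.index(fail_on) + 1]
    fixable = [(v["packageName"], v["version"], v.get("nearestFixedInVersion"))
               for v in vulns
               if v.get("isUpgradable") or v.get("nearestFixedInVersion")]
    return {
        "image": result.get("projectName"),
        "counts": {s: counts[s] for s in SEVERITY_ORDER},
        "status": "FAIL" if any(counts[s] for s in blocking) else "PASS",
        "fixable": fixable,
    }


# Constructed sample in the shape of `snyk container test --json` output
# (field names follow the CLI's report; packages and versions are made up).
SAMPLE_RESULT = {
    "ok": False,
    "projectName": "docker-image|registry.example.com/shop/api",
    "vulnerabilities": [
        {"severity": "critical", "packageName": "libssl", "version": "1.0.0-r0",
         "isUpgradable": True, "nearestFixedInVersion": "1.0.1-r0"},
        {"severity": "high", "packageName": "zlib", "version": "1.2.0-r0",
         "isUpgradable": False},
        {"severity": "medium", "packageName": "curl", "version": "7.0.0-r0",
         "isUpgradable": False, "nearestFixedInVersion": "7.0.1-r0"},
        {"severity": "low", "packageName": "busybox", "version": "1.0.0-r0",
         "isUpgradable": False},
    ],
}

if __name__ == "__main__":
    # With IMAGE set (and SNYK_TOKEN / SNYK_ORG_ID), scan a real image;
    # otherwise summarize the constructed sample so the script runs offline.
    image = os.environ.get("IMAGE")
    report = run_local_scan(image) if image else SAMPLE_RESULT
    print(json.dumps(summarize(report), indent=2))
```

Run it as `SNYK_TOKEN=... SNYK_ORG_ID=... IMAGE=registry.example.com/shop/api:1.2.3 python3 snyk_local.py` to scan a real image; without `IMAGE` it summarizes the embedded sample. The token is read only from the environment, never placed on the command line, and a CLI failure is surfaced as an error rather than reported as a clean image, which is the failure mode a gating scan most needs to avoid.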
