
Published on August 13th, 2018 | 5915 Views


An Introduction to Snyk





In this introduction to Snyk, you'll see how the developer security tool tests your application build artifacts, flagging those dependencies that have known vulnerabilities. It presents the vulnerabilities found in the packages your application uses as a list on a dashboard.

Additionally, it will suggest upgrade versions or provide patches to remediate your security issues via a pull request against your source code repository. Snyk also protects your environment by ensuring that any future pull requests raised on your repository are automatically tested (via webhooks) to make sure they do not introduce new known vulnerabilities. This ensures vulnerabilities are not knowingly introduced back into your source code.

New vulnerabilities are found in existing projects and libraries every day, so it's important to also monitor and protect your production deployments. Snyk takes snapshots and monitors your deployment so that when new vulnerabilities are found, you are automatically notified via your preferred channel (Jira, Slack or email) and pull requests are created to offer upgrades and patches for the new vulnerabilities.





Snyk is available via a web UI as well as a CLI, so you can easily integrate it with your CI environment, and configure it to break your build when vulnerabilities exist with a severity beyond your set threshold.

You can use Snyk for free for open source projects or for private projects with a limited number of monthly tests. For more information or to sign up, go to http://snyk.io.
