Snyk now integrates directly with Kubernetes

You can now use Snyk to gather data about applications running in your Kubernetes clusters. Import the workloads you are interested in and we'll analyse them for vulnerabilities and detect issues with the configuration which might increase the risk of an exploit.

Screenshot 2019-11-11 at 17.52.00.png

This new integration is only available to Snyk Container customers, including existing Docker add-on customers. Find out more in the blog post or jump straight into the documentation.

Our Snyk CLI tool now supports CocoaPods!

Test and monitor your CocoaPods projects from our Snyk CLI tool now with snyk test and snyk monitor. Available in all CLI versions from v1.230.8. To get started, make sure your CLI is up to date and run snyk test or snyk monitor. See our docs for more details.

Project owner metadata

We now give you the ability to add a project owner inside each individual project page in the UI, or using the API. You can add anyone as a project owner who has access to the org that the project is in.

To try this out, go to any project page and in the metadata header, you now have the option to assign a project owner from a list of everyone who has access to the project.

project-owner.png

At the moment, this data is only for reference, but we have plans to use it in other areas of Snyk in the future.

More improved APIs served up just for you!

The API list all dependencies endpoint now includes issuesHigh, issuesMedium and issuesLow fields for each license, displaying the number of issues in the dependency per severity level.

  • You can now filter for only dependencies that contain at least one issue of each severity. Use the severity filter to do this. See our docs for more information.
  • Manage your teams' vulnerabilities easier than ever with enriched filters and printable reports!

    We're happy to report that we've improved our Reports area! You can now better search and filter your vulnerabilities by expanded parameters from the Issues tab and then export your results to CSV or print them in PDF.

    Check out our docs for more information.!

    Automated dependency upgrades for Bitbucket Cloud

    Automated dependency upgrades are now available through your Bitbucket cloud integration, or for specific Bitbucket Cloud projects.

    Read more in our docs, give it a try and let us know what you think!

    image (24).png

    New legal license instructions added!

    We've released the Legal Instructions field where you can now customize advice for your teams when license issues are identified. You'll onboard developers faster than ever with relevant calls to action. Read all about it in our docs.

    More improvements in our API!

    You asked, we supplied! For Yarn and npm projects you can now also add your package-lock.json and yarn.lock files to get more accurate Snyk test results. See our docs for more info.

    Get a single user by user ID

    Organization and group administrators can now retrieve user details for a single user with our new API command. Check out our docs for more help.

    Scan your Bitbucket Cloud and GitHub Enterprise Dockerfiles as part of your container security

    As part of our continued efforts to further enrich container scanning, we’re super pleased to announce that you can now enrich your container scan results by adding your Dockerfile from Bitbucket Cloud or GitHub Enterprise (in addition to the support we already provided through GitHub and GitLab of course!). To get started, import your container from any of the registries we support. Need help with containers? Check out our docs!Dockerfile_CTA.png