snyk.io updates
snyk.io updates
app.snyk.io/projects

Snyk Code support for C#

 

New

 

 

We are happy to announce that C# is now fully supported in Snyk Code, adding to existing Snyk Code support for JavaScript, TypeScript, Python and Java.

Csharp.png

C# is the most prominent of the .NET framework languages, and frequently used to write web or enterprise applications. Snyk Code now supports C# and common frameworks such as .NET and .NET Core as well as ASP.NET and ASP.NET Core.

Existing projects will automatically use the new knowledge base when automatic rescan is performed. You can also trigger a rescan for immediate results.

We are working hard to add Snyk Code support for more languages in the coming months.

For more information:

Social Trends

 

New

 

 

We are excited to announce the availability of Social Trends, adding Social Media Intelligence (SOCMINT) to our vulnerability data to help you prioritize vulnerabilities more effectively!

A significant number of vulnerabilities are discussed on social media platforms like Twitter, Reddit, and Discord. Snykโ€™s Security Research team has found a strong correlation between activity around vulnerabilities in Twitter and the likelihood that those vulnerabilities will be exploited. Since these vulnerabilities pose a greater risk, we will now flag these vulnerabilities so you can prioritize fixing them in a timely fashion.

social-trends.gif

Find out more about it in our latest blog post.

For more details, see the product documentation.

Automatic remediation with snyk fix

 

Open beta

 

 

snyk fix automatic remediation for Python projects is in beta ๐ŸŽ‰

snyk fix is a new CLI command that aims to automatically apply the recommended updates for supported ecosystems. Currently it is available for Poetry, Pip and Pipenv projects.

To ensure minimum disruption to your existing workflows, we recommend trying the feature outside of your current automated CI runs until the feature is fully released.

This can be done using Snyk preview - a feature that enables you to preview new features before they are fully available within the Snyk Platform.

SnykPreview.png

To learn more about the new snyk fix feature, see our documentation.

Critical Severity Level - Rollout Update

 

New

 

 

Weโ€™re happy to announce the introduction of Critical severity!

Starting today, and in accordance with CVSS v3.1 ratings, we will begin to assign the Critical severity level to any security vulnerability identified by Snyk Open Source and Snyk Container with a CVSS score higher than 9.0.

This change will be gradually rolled out to all Snyk users, and once applied, will both reduce the number of High severity issues across your projects and affect automated CLI/API-based pipelines you have in place.

Please read the migration guide to fully understand the change.

If you do not see Critical severity enabled for your projects yet, you can enable it yourself on the Settings โ†’ Snyk Preview page.

In case of questions, feel free to reach out to the Snyk Support team: support@snyk.io.

Critical-Severity-Dashboard.png

Snyk supports npm 7

 

New

 

 

We are happy to announce that Snyk now supports the newest release from npm - 7 ๐ŸŽ‰

This is supported in both the CLI and Git imported projects.

For more details, please refer to the product documentation

Fix advice for Poetry

 

New

 

 

We are happy to announce that Snyk now provides actionable fix advice for Poetry projects ๐ŸŽ‰

This provides you with the simplest options to fix the greatest number of issues in your project. This is available in the CLI and UI.

Screen Shot 2021-06-24 at 13.13.58.png

See the Poetry documentation for more details.

Improved site header

 

Improved

 

 

As part of our continuous improvements, we've rebuilt our site header to be easier to use across all devices, as well as being faster to navigate between key pages such as the dashboard and projects page.

Vue-Header.png

Please note that organization and group settings have moved, from the main navigation Settings menu, to a cog icon cog icon.png on the right side of the site header.

Scan CloudFormation files for configuration issues

 

New

 

 

We're pleased to announce the launch of CloudFormation support within the Snyk IaC product.

You can now scan your AWS CloudFormation configuration templates against our comprehensive set of security rules and get actionable advice on how to resolve any configuration issues.

You can get started today by either importing a git repository containing your CloudFormation files or by using the Snyk IaC CLI.

See our product documentation for more details.

Visual Studio plugin for Snyk Open Source

 

New

 

 

Weโ€™re pleased to announce our new Snyk Open Source plugin for Visual Studio! Supporting Visual Studio 2015, 2017, and 2019, the new plugin enables developers to easily find and fix both known vulnerabilities and license issues in their open source dependencies, helping them address security early on and ship secure code faster.

image1.png

For further details, please have a look at the product documentation or go straight to the marketplace and install it.

In case of any issues, feel free to reach out to: support@snyk.io.

Snyk integrates with AWS CodePipeline

 

New

 

 

We are excited to announce the release of Snyk for AWS CodePipeline! This integration provides seamless scanning and results of any found vulnerabilities inside the AWS Console.

You can now scan source artifacts from AWS CodeCommit or any other supported SCM by adding Snyk as a stage in your pipeline with a few simple clicks.

This new integration is available to all customers in our free plan and comes with 200 scans per month. If you need more scans, you can also upgrade to our paid plans via the AWS Marketplace.

With a built-in configuration page, you can customize the integration to fail builds when vulnerabilities are found. Reducing risk and improving your security posture.

CodePipeline Release Announcement.png

See our product documentation for more information.