Improved Linux Vulnerability severity definitions
Snyk now goes beyond NVD to bring distro-specific severities for our Linux vulnerabilities. With this change, even when a vulnerability is considered to be a high-severity issue in the most general context, it might still be a lower-severity issue in specific Linux distros such as Debian or Ubuntu (or others). Some users might see a major drop in high-severity vulnerabilities, which will enable them to better focus where it matters. To see updated results, retest your projects now. We're very excited about this improvement; let us know what you think!
Our image database offers more support than ever!
We're now supporting your RHEL operating system distros, with scanning and remediation advice available for rhel:8, rhel:7, rhel:6, and rhel:5.
How to get started: If you don't see updated results for your monitored projects already, try retesting or check with our Support team and we'll get things sorted out for you!
Our license scanning has been dramatically enriched
We've recently enriched our license detection by looking deeper inside your projects for Maven, npm, Python and Ruby packages. And there's still more to come … Don't see updated results? Contact our Support team and we'll get things sorted out for you!
Improved CLI authentication & token management
We’ve improved our CLI authentication by introducing two important new security features. The CLI authentication process is now followed by a new approval webpage, designed to provide better user visibility and to protect against CSRF attacks. Read about authentication in our docs and check out the gif below, which demonstrates the process.
We’ve also added the ability to revoke and regenerate your personal API token from Account Settings. To learn more about this feature, check out this article.
Prioritize vulnerabilities quickly with our Exploit Maturity filter
Thanks to our diligent Security teams, Snyk is happy to release our new Exploit Maturity filter, available from the Projects and the Reports areas as well as through our API. Using exploits in the wild as a rule of thumb for fast prioritization will bring you to the finish line seamlessly. Read more about our approach in our blog post, and more about the filter for the app in our docs.
AWS Lambda integration more secure
We're glad to release our improved integration for AWS Lambda, ensuring a more secure connection. Read more about it in our docs.
Secure your data - configure session length
Administrators can now configure session length on the Group level. When a session reaches its limit, the inactive user is automatically logged out. Configure from the Snyk UI or with our API. Read our docs for more information.
Revoke & regenerate your API token
You can now revoke and regenerate your personal API token from Account Settings. See our documentation for more info.
Snyk now integrates directly with Kubernetes
You can now use Snyk to gather data about applications running in your Kubernetes clusters. Import the workloads you are interested in and we'll analyse them for vulnerabilities and detect issues with the configuration which might increase the risk of an exploit.
Our Snyk CLI tool now supports CocoaPods!
Test and monitor your CocoaPods projects from our Snyk CLI tool now with snyk test and snyk monitor. Available in all CLI versions from v1.230.8.
To get started, make sure your CLI is up to date and run snyk test or snyk monitor. See our docs for more details.