We've made some improvements to how our reporting looks and feels, making it easier to use!
You can now set certain filters that remain in place as you navigate through the various tabs within reporting.
Read more about reports in our docs: https://support.snyk.io/hc/en-us/articles/360004002558-Reports-overview
Pro and Enterprise customers can now import container images from your Artifactory container registry and scan those images for vulnerabilities in Snyk.
Learn more in the blog post and find out how to get started in the documentation.
Snyk now supports Alpine's newest release - 3.11 Rescan your projects to see vulnerabilities.
Snyk now goes beyond NVD to bring distro-specific severities for our Linux vulnerabilities. With this change, even when a vulnerability is considered to be a high-severity issue in the most general context, it might still be a lower severity issue in specific Linux distros such as Debian or Ubuntu (or others). Some users might see a major drop in high vulnerabilities, that will enable them to better focus where it matters. To see updated results, retest your projects now. We're very excited about this improvement; let us know what you think!
We're now supporting your RHEL operating system distros, with scanning and remediation advice available for rhel:8, rhel:7,rhel:6, and rhel:5.
How to get started: If you don't see updated results for your monitored projects already, try retesting or check with our Support team and we'll get things sorted out for you!
We've recently enriched our license detection by looking deeper inside your projects for Maven, npm, Python and Ruby packages. And there's still more to come … Don't see updated results? Contact our Support team and we'll get things sorted out for you!
We’ve improved our CLI authentication by introducing two important new security features: The CLI authentication process is now followed by a new approval webpage, designed to provide better user visibility and to protect against CSRF attacks. Read about authentication in our docs and check out the gif below - demonstrating the process.
We’ve also added the ability to revoke and regenerate your personal API token from Account Settings. To learn more about this feature, check out this article.
We would like to credit and thank Jonathan Leitschuh and Eran Lipkin for independently reporting the CSRF issue to us via our Bug Bounty program.
Thanks to our diligent Security teams, Snyk is happy to release our new Exploit Maturity filter from the Projects and the Reports areas as well as through our API. Using exploits in the wild as a rule of thumb for fast prioritization will bring you to the finish line seamlessly. Read more about our approach from our blog post, and more about the filter for the app in our docs.
We're glad to release our improved integration for AWS Lambda, ensuring a more secure connection. Read more about it in our docs.
Administrators can now configure session length on the Group level. When a session reaches its limit, the inactive user is automatically logged out. Configure from the Snyk UI or with our API. Read our docs for more information.
