Showing 291 - 300 of 355 updates
The Group Organizations page for Enterprise customers just got a facelift!
The new cleaner look makes viewing your Organizations and joining new ones a breeze. The new page is faster and includes a brand-new workflow for joining Organizations without the need for manual emails.
Read more about how to request access to an Organization.
We are excited to announce the GA release of the Custom Base Image Recommendations feature of Snyk Container, bringing a more customized experience to our enterprise customers, allowing developers to utilize the most secure images from their organizations' internal pool of approved images (often referred to as “golden images”).
The General Availability version delivers:
API endpoints for all custom base image actions to allow automation and smooth integration into existing processes.
All API functionality is now also available in the browser GUI, allowing users to define custom versioning schemas from the project’s settings.
Removed feature flag - by default, Custom Base Image Recommendations settings will be shown in the project’s settings.
Please note that this feature is only available for customers on the Snyk Enterprise plan. More details on the feature are available in the public and API documentation.
Hadar Mutai | Senior Product Manager
We are happy to announce Policy Templates for Snyk AppRisk.
Policy Templates help AppRisk users create policies by offering ready-to-use templates that cover common use cases. In addition to creating a policy from scratch, users can now start with one of four out-of-the-box templates and tailor it to their unique requirements.
For more information, please refer to Snyk documentation and watch the Policy Templates overview video.
Itay Maor | Senior Manager, Product
We are excited to announce the General Availability of the Unified Issues API, which unifies all Snyk issues (SCA, SAST, IaC+) across projects or orgs into one API call. The Unified Issues API approach offers several key benefits:
Simplifies the user experience with one paginated API call across all projects or orgs
Saves time by eliminating the need to stitch data across API calls and offering a consistent schema to parse responses with
Highlights our commitment to building Snyk as a holistic security platform for our customers
The General Availability delivers:
Uniform issue representation from Code to IaC+, with improved data quality and increased reliability
Detailed representations for Open Source packages and fix information
Improved pagination and response management, simplifying the API interaction
New filters for tailored API responses, catering to specific querying needs
Please check out the API docs for listing all issues by group, and by org.
Note: the experimental versions of this endpoint will be deprecated in 30 days, while the beta version will be deprecated in 90 days. If you have any concerns with the deprecation timelines for experimental or beta endpoints of this API, please contact your account representative.
Ranko Cupovic | Principal Product Manager
We are please to announce that the Snyk AppRisk support View Only permission.
View Only permission for Snyk AppRisk will enable you to give view only permission to Snyk AppRisk, so it is minimizes the need for the you to give full access to Snyk AppRisk to your team members.
For more details see the documentation available here
DeepCode AI Fix helps you automatically fix security issues identified by Snyk Code in the IDE (VS Code and Eclipse) using Snyk's DeepCode AI model.
Over the last few months, the team has been continuously adding depth to JS/TS fixes, and we are excited to share the support for 6 additional languages. DeepCode AI Fix now supports:
Javascript and Typescript
Java
Python
C/C++
Go (Limited support)
C# (Limited support)
APEX (Limited support)
Visit our documentation to learn how to try it out!
We are pleased to announce that the Snyk CLI now supports scanning Gradle 8 projects!
Previously, when scanning version 8 projects in the CLI, some operations might fail due to incompatibility with the Gradle configuration cache. This has now been resolved, and Gradle 8 is officially supported in the Snyk CLI. 🎉
Upgrade to CLI v1.1273.0 or above to scan your Gradle 8 applications.
With our customers and users security in mind, from version v1.1268.0 onwards, Snyk CLI will redact Snyk API authentication tokens from its debug logs.
Once upgraded, when Snyk users run the following commands to enable Snyk CLI debug logs,
DEBUG=* snyk test -d
or
DEBUG=snyk* snyk test -d
they will see API authentication redacted and displayed as ***.
An example of this change is inline:
Snyk API authentication tokens will be redacted from Snyk CLI debug logs for both service as well as individual Snyk accounts.
We recommend upgrading to v1.1268.0 to benefit from this change.
Chintan Bellchambers
We are very pleased to announce that you can now define the Python version used when scanning pip projects imported via Git integrations in Snyk Open Source!
Until now, Snyk would always use either Python 2.7 or 3.7 which could lead to some dependencies being omitted from results if they require newer versions.
You can now specify the minor version of Python to use in scans.
To try this out go to your Organization Settings. First enable the beta listed in Snyk Preview. Next, go to Languages > Python and specify the Python version to use.
For more details see the documentation available here.
Snyk AppRisk Essentials is Snyk’s new ASPM product, and is now available for qualified customers.
Snyk AppRisk Essentials supports the following use cases:
Automate application asset discovery: Continually discover application assets and classify them by business context, ensuring a security program is fully in sync with developers. Manage security coverage: Define and manage appropriate security and compliance requirements while verifying applications have the correct controls in place., Prioritize based on risk: Blend business and application context with best-in-class security and fix analysis to quantify risk and create an evidence graph, ensuring developer remediation efforts are focused on the issues that matter most to the business.
You can learn more by reading our blog post and public documentation and training, and by reaching out to your account team.