Snyk
- Product information
- Release notes
Overview
Dynatrace integrates with Snyk products to enable visibility, orchestration, and prioritization of code, library, and container vulnerability findings.
Capabilities:
-
Single pane of glass: Ingest vulnerability findings, scan events, and audit logs from Snyk products into Dynatrace (powered by OpenPipeline™)
-
Unified analysis: Dynatrace transforms and maps the findings to a unified format for vulnerability findings (powered by Dynatrace Semantic Dictionary)
-
Findings operationalization: Prioritize, visualize, and automate vulnerability findings with runtime context
-
Unveil blind spots: Discover and eliminate coverage gaps in your Software Development Lifecycle (SDLC)
Use cases
-
Overview: Visualize and report your current security posture and trends around vulnerability findings across vulnerability scanners with Dashboards.
-
Prioritization: Analyze and prioritize vulnerability findings across multiple tools and products uniformly with Notebooks.
-
Automation: Create notifications and tickets for critical vulnerability findings with Workflows.
-
Investigation: Use vulnerability findings as an additional dimension for threat hunting and incident forensics using Security Investigator.
Get started
To ingest vulnerability findings, scan events, and audit logs from Snyk products into Dynatrace, you need a Snyk API token with proper permissions.
For instructions on how to set up the integration, go to Ingest Snyk vulnerability findings, scan events, and logs.
Details
To visualize and automate general vulnerability findings, use the following artifacts:
- Visualize any vulnerability findings with this sample dashboard
- Summarize product security coverage with this sample dashboard
- Create Slack notifications for critical vulnerability findings with this sample workflow
- Create Jira tickets for critical vulnerability findings with this sample workflow
To visualize and automate container-specific vulnerabilities, use the following artifacts:
- Visualize container findings with this sample dashboard
- Discover container scanning gaps with this sample dashboard
- Create Slack notifications for critical container findings with this sample workflow
- Create Jira tickets for critical container findings with this sample workflow
Compatibility information
Provided by
DynatraceSubscribe to new releases
Copy to clipboard
Full version history
To have more information on how to install the downloaded package, please follow the instructions on this page.
ReleaseDate
Full version history
🪲 Fixed in this version:
- When container related findings are reported, the container ID is reported as well as the container digest, since the digest is sometimes not available. Since this fix requires access to a new API, the permissions required have been updated. Please refer to the official documentation.
ℹ️ This version requires ActiveGate version 1.299.0 or higher.
Full version history
🪲 Fixed in this version:
- The Dynatrace severity score for vulnerability findings is now mapped from the severity level provided by Snyk instead of the CVSS score, due to a misalignment between the two.
ℹ️ This version requires ActiveGate version 1.299.0 or higher.
Full version history
✨ New in this version:
- Added vulnerability finding and scan event monitoring.
- Added audit log monitoring.
ℹ️ This version requires ActiveGate version 1.299.0 or higher.
