June 12, 20230 mins read
In today’s highly dynamic application ecosystem, the number and scope of security issues that developers need to address have increased dramatically, making it imperative for modern development teams to have an automated system to handle security events across every application component.
Event-based notifications enable developers to extend the Snyk platform and build integrations and response workflows, helping organizations respond to security issues in their applications without significant engineering work.
For this reason, Snyk worked closely with AWS to build an integration with Amazon EventBridge, allowing development teams to manage audit logs and security issues from Snyk with more agility by building notification and response workflows through the EventBridge service.
Recognized by Gartner as a leader in the 2023 Magic Quadrant™ for Application Security Testing and ranked #20 on Forbes’ Cloud 100 List in 2022, Snyk provides a developer-friendly security platform that helps development and security teams find and fix vulnerabilities in proprietary code, open source dependencies, containers, and infrastructure as code (IaC) across the SDLC, integrating into the services developers use to build their applications.
Real-time vulnerability notifications
With this integration, security teams can receive real-time notifications when Snyk detects new vulnerabilities. The EventBridge integration can be configured to trigger email or chat notifications or even call an AWS Lambda function to perform automated remediation tasks.
Audit trail monitoring
The Snyk platform generates audit events when configuration settings are changed and members are added or removed from Snyk. By integrating Snyk with EventBridge, security teams can create an audit trail by logging all Snyk audit events into an S3 bucket for compliance or forensic analysis purposes.
Automated remediation workflows
Security teams can use EventBridge to create custom workflows from security events triggered by Snyk. For example, when a new remediation event is detected, an AWS Lambda function can be automatically invoked to apply the remediation steps or even create a Jira ticket to track the remediation process.
Configuring Snyk’s integration with Amazon EventBridge can take 15 minutes or less and involves just a few simple steps:
Enable “Amazon EventBridge”.
Enable Snyk as a partner that can send findings.
Navigate to the Snyk integrations page and search for "Amazon EventBridge".
Add an EventBridge “registration” to your Snyk organization by providing the following information:
AWS account ID
Select either Snyk Audit Logs or Snyk Issues.
Once the registration is configured, Snyk will send audit logs or security issues to Amazon EventBridge for engineering teams to capture events such as:
Changes to Snyk security policies, settings, and user memberships
A security issue being ignored
Critical vulnerabilities found in a production workload
New remediations for application vulnerabilities
Amazon EventBridge receives security issues from Snyk in Open Cybersecurity Schema Framework (OCSF) format to ensure data is easily correlated from findings across multiple vendors in a common format, streamlining data queries for customers and allowing them to easily create custom data models and reports based on security findings from multiple sources.
Customers can then use EventBridge to match events and send them to various AWS and third-party targets to store the data, and create alerts or custom workflows across services like Amazon Simple Storage Service (S3), Amazon Simple Notification Service (SNS), and AWS Lambda.
Snyk and AWS
Snyk is a developer-friendly security platform that helps AWS customers find and fix security risks in code, open-source dependencies, containers, and IaC configurations. With tight integration into various IDEs, source control tooling, and CI/CD pipelines, Snyk meets developers and security practitioners wherever they work, including in AWS CodePipeline, Amazon EKS, AWS Security Hub, AWS CloudTrail Lake, Amazon Inspector, and several other AWS services!
Together, Snyk and AWS power modern DevSecOps practices — securing code as it’s created, as well as the design of cloud-native infrastructure and containers and the running cloud environment. As a strategic AWS partner, Snyk is technically validated to work seamlessly across both public and private AWS environments. It is integrated with the AWS services customers use to build and run their applications.
Want to learn more about Snyk’s developer-first security controls and how it might help you increase operational efficiencies in the cloud while reducing security risk? Check out our platform-wide demo on AWS to see the platform in action, or schedule a meeting with your Snyk representative!