Best practices for your first 30 days with Snyk

Author:
Michele Wiedemer

July 25, 2022

This post applies to Business and Enterprise plan customers.

Adopting a new platform can seem intimidating, but with Snyk it doesn't have to be. We have three tips to help you roll out Snyk, and have a seamless and successful first 30 days across your business or enterprise.

Before you start inviting team members and importing projects, you’ll want to consider your account strategy, set up single sign-on (SSO), and configure your first organization.

1. Define account structure

A thoughtful account strategy is important for two reasons. First, the way you set up your account controls who can access which projects. Second, group and organization configurations also control how some features are implemented. For example, if you have multiple development teams working on the same project or application, you’ll want to set up your organizations to provide access to those teams.

2. Set up SSO

Once you decide how to structure organizations in your account, you may want to take advantage of your company’s identity management system for Snyk access. This is the best way to provision new users to your Snyk account. With SSO implemented, your users can log into Snyk through your identity management provider to see the status of their projects, view reports, and resolve vulnerabilities. The organizational structure and the way you provide access through SSO combine to keep users focused on the projects and organizations they belong to. SSO also helps ensure that teams are working in the company Snyk account rather than their own personal organization.

It’s important to set up SSO before inviting members. Otherwise, the same person can end up with duplicate accounts: one created via a method like Google or GitHub, and one created through SSO. If you end up with users that have more than one account, you’ll need to remove the duplicates. For more information on managing users and removing duplicates, check out these instructions.

3. Configure first organization

The third recommendation when getting started is to configure the settings for your first organization. Getting the default settings for notifications and automations right in the beginning makes for a much smoother experience. Notifications will be more relevant and useful if they are customized to your needs. We recommend setting up default notifications at the organization level so they’re applied to projects as you import them. Individual users can always tailor their personal notification settings to get the alerts they need most for their projects.

Automations are another Snyk feature that can be very powerful when applied correctly. But, depending on the maturity of your security posture, your teams may not be ready for them during your first 30 days.

Pro-tip: Disable the automations you aren’t using in your organization before importing projects.

If you run into any technical errors while following these three key steps, file a support ticket so we can help you out. 

Check out these resources to learn more:

Category: DevSecOps
