We use cookies to ensure you get the best experience on our website.Read moreRead moreGot it

close
  • Products
    • Products
      • Snyk Open Source
        Avoid vulnerable dependencies
      • Snyk Code
        Secure your code as it’s written
      • Snyk Container
        Keep your base images secure
      • Snyk Infrastructure as Code
        Fix misconfigurations in the cloud
    • Platform
      • What is Snyk?
        See Snyk’s developer-first security platform in action
      • Developer Security Platform
        Secure all the components of the modern cloud native application in a single platform
      • Security Intelligence
        Access our comprehensive vulnerability data to help your own security systems
      • License Compliance Management
        Manage open source license usage in your projects
    • Self-paced security education with Snyk Learn
  • Resources
    • Using Snyk
      • Documentation
      • Vulnerability intelligence
      • Product training
      • Customer success
      • Support portal & FAQ’s
    • learn & connect
      • Blog
      • Community
      • Events & webinars
      • DevSecOps hub
      • Developer & security resources
    • Self-paced security education with Snyk Learn
  • Company
    • About Snyk
    • Customers
    • Partners
    • Newsroom
    • Snyk Impact
    • Contact us
    • Jobs at Snyk We are hiring
  • Pricing
Log inBook a demoSign up
All articles
  • Application Security
  • Cloud Native Security
  • DevSecOps
  • Engineering
  • Partners
  • Snyk Team
  • Show more
    • Vulnerabilities
    • Product
    • Ecosystems
Snyk API
Product

Extensibility and the Snyk API: our vision, commitment, and progress

Pat PoelsFebruary 17, 2021

At Snyk, we strongly believe in empowering developers to take ownership of security. 

Developers are the builders of today and ultimately hold the keys to successfully securing their code. Only a developer-first approach, one that combines developer-friendly tooling together with guidance by security, can help organizations traverse the path to better-secured applications. 

We are continuously striving to ensure this developer-first approach is apparent across our platform and that it is felt by our customers. Whether you are a developer or a security engineer, you should see a continuous improvement in your ability to tune Snyk’s security automation to fit your specific needs. A big part of this also means that you are increasingly able to tune Snyk’s security automation to your specific workflows and that you are not constrained to security processes within Snyk products. With that level of extensibility as our north star, you should experience an agile partner who is improving that platform every day.

This is the vision that Snyk is committed to achieving.

A key piece of the platform—the Snyk API

Snyk’s platform was designed to help you secure all the different building blocks making up your cloud native applications, helping you to find and fix vulnerabilities in your open source code, containers, infrastructure as code, and custom code. But the functionality provided in these products is backed by an additional core component of the platform—Snyk’s API.

Developer-friendly, comprehensive, and designed to support security at scale, Snyk’s API provides you with a programmatic ability to import your projects, test those projects for vulnerabilities, and track the status of those vulnerabilities. The various Snyk API endpoints that you can access programmatically expose some of the same capabilities of our products. This programmatic access helps to facilitate the customization, integration, and automation of Snyk’s security as part of your unique workflows. 

Snyk customers are leveraging the API in a variety of different ways and to support a myriad of interesting use cases. Some teams used the API to build tools that are automatically exporting Snyk’s data into monitoring systems already being used by developers, such as Prometheus and Grafana, or ticket and incident management platforms such as Confluence and Jira. Others are using the API to automate security processes at scale, creating scripts that automatically import new projects, tag them, or update them in Snyk when changes are applied. 

We are excited each time we learn of a new use case and are committed to improving the experience our customers have with the Snyk API.

Investing in modularity

We are extremely proud of the cloud native application security platform that we have built but this is just a start. 

Our vision for our platform is to help you secure your applications without needing to deploy multiple tools. We see our platform supporting your entire software development lifecycle, continuously growing together with you to support your changing needs, and most importantly—being ridiculously easy for developers to work with.  

To achieve this vision, we are doubling down on the modularity of our platform. Our products are built as modular components wherever possible, allowing us to build capabilities once that can be used across our platform. The more modular our platform, the more rapidly we can expand our products and develop our cloud native application security platform. 

Investing in our API aligns well with this strategy, as the same API endpoints that we expose to you as a developer also act as the modular core for our UI and our command-line interface (CLI). Helping you have more control over your Snyk experience actually helps us move faster. We are committed to continuing investment in the modularity of our platform. You can depend on Snyk to offer a powerful, reliable, performant, and complete API.

Snyk API Wednesdays

Check out our newest blog series highlighting the different ways the Snyk API is leveraged by our customers.

Read on

Our recent progress—Custom Webhooks!

In line with this commitment to API functionality, we are proud to announce the beta release of Snyk’s custom webhooks! 

Enabling our customers to subscribe to push events from Snyk, this new API functionality can be used to receive Snyk payloads in third-party systems—collaboration tools or incident management platforms—when a Snyk event is triggered, such as when a new vulnerability is identified. 

We will be publishing some examples of how to use Snyk’s Custom Webhooks on the Snyk Blog so stay tuned. In the meantime, feel free to refer to our documentation for more information.

Accelerating our API vision 

We know our customers are moving fast and want our platform to move at the same pace. To further fuel our platform push, we acquired Manifold—a Halifax, Canada-based company that is no stranger to extensibility and API. Previously building a Marketplace as a Service company for API-first products, Manifold brings tremendous platform talent and experience to Snyk. They extend our development footprint into North America, allowing for better global coverage and a great new location for hiring R&D talent.

The Manifold team has been working on building a platform for platforms, and their experience with building in a modular, API-first manner are a great complement to the Snyk team. Additionally, engineers from Manifold allow us to also accelerate our work on partner integrations. Modularity and extensibility make it easier to improve the breadth and depth of our service through integrations with other players in the security ecosystem, and Manifold will help bring those integrations to life.

2021 is going to be an exciting year for Snyk customers. As we continue to invest in extensibility and API, tuning Snyk’s security automation to your specific workflows will be simpler. This will ensure developer experience and also help guarantee consistent governance across the Snyk platform, ultimately resulting in better-secured applications.

Empower your developers to take ownership of security

Schedule a demo

Log4Shell resource center

We’ve created an extensive library of Log4Shell resources to help you understand, find and fix this Log4j vulnerability.

Browse Resources
Footer Wave Top
Patch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo Segment
Develop Fast.
Stay Secure.
Snyk|Open Source Security Platform
Sign up for freeBook a demo

Product

  • Developers & DevOps
  • Vulnerability database
  • Pricing
  • Test with GitHub
  • API status
  • IDE plugins
  • What is Snyk?

Resources

  • Snyk Learn
  • Blog
  • Security fundamentals
  • Resources for security leaders
  • Documentation
  • Snyk API
  • Disclosed vulnerabilities
  • Open Source Advisor
  • FAQs
  • Website scanner
  • Japanese site
  • Audit services
  • Web stories

Company

  • About
  • Snyk Impact
  • Customers
  • Jobs at Snyk
  • Snyk for government
  • Legal terms
  • Privacy
  • Press kit
  • Events
  • Security and trust
  • Do not sell my personal information

Connect

  • Book a demo
  • Contact us
  • Support
  • Report a new vuln

Security

  • JavaScript Security
  • Container Security
  • Kubernetes Security
  • Application Security
  • Open Source Security
  • Cloud Security
  • Secure SDLC
  • Cloud Native Security
  • Secure coding
  • Python Code Examples
  • JavaScript Code Examples
Snyk|Open Source Security Platform

Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer's toolkit.

Resources

  • Snyk Learn
  • Blog
  • Security fundamentals
  • Resources for security leaders
  • Documentation
  • Snyk API
  • Disclosed vulnerabilities
  • Open Source Advisor
  • FAQs
  • Website scanner
  • Japanese site
  • Audit services
  • Web stories

Track our development

© 2022 Snyk Limited
Registered in England and Wales
Company number: 09677925
Registered address: Highlands House, Basingstoke Road, Spencers Wood, Reading, Berkshire, RG7 1NT.
Footer Wave Bottom