Skip to main content

Looking at the Snyk integration with Red Hat CodeReady Dependency Analytics

Written by:

Sarah Conway

September 3, 2020

0 mins read

This new article, published on Red Hat Developer, looks at how the newest release of CodeReady Dependency Analytics helps you detect, identify, and fix security vulnerabilities in your code through the Snyk integration. Red Hat CodeReady Dependency Analytics is a hosted service on OpenShift that provides vulnerability and compliance analysis for your applications, directly from your IDE.

The Snyk Intel proprietary vulnerability database enriches CodeReady’s security data, adding security, license compatibility, and AI-based guidance to help developers choose appropriate dependencies for applications. The CodeReady Dependency Analytics is available as an IDE plugin for Visual Studio Code (VS Code), Eclipse Che, Red Hat CodeReady Workspaces, and IntelliJ-based IDEs.

In the article, Darshan Vandra, Associate Software Engineer, Red Hat, and Parag Dave, Senior Product Manager, Red Hat, walk us through Snyk’s vulnerability detection and fast identification and advanced capabilities for analysis and triage.

Powered by Snyk Intel data, the CodeReady Dependency Analytics extension enables users of supported IDEs (VScode, IntelliJ, and more) to view Snyk vulnerabilities as they code, including Snyk premium vulnerabilities and detailed security advisories.

Snyk Intel is the most advanced and accurate open source vulnerability database in the industry. Continuously curated by an experienced Security Research Team and enriched with machine learning, the Snyk Intel Vulnerability Database maintains its high standards which enable your teams to be optimally efficient at containing open source security issues while maintaining their focus on development.

In addition to Red Hat, Docker, Google Chrome Lighthouse, the Linux Foundation, NodeSource’s N|Solid, Rapid7, Tenable, and Trend Micro embed Snyk Intel into their products to identify critical vulnerabilities in open source dependencies and container images.

Additional resources to help you get started with Snyk in OpenShift!

State of Open Source Security Report

Snyk analyzed responses from over 500 organizations and anonymized data collected from Snyk product usage to shed light on the current security posture of OS software and trends.