Tailoring your notifications
The most common way for Snyk users to find out that they have an issue in their project is via our email alerts. It’s a core part of our service, but until recently, we didn’t have much in the way of configuration around what types of issues would trigger an email alert. As we scale our language support, enabling you monitor more projects in Snyk, we want you to feel better informed about the types of issues that matter to you, while making less noise about the issues that don’t.
Over the past few months, we’ve been tackling this in a few ways:
Two become one
We used to send out two separate email notifications: one for when Snyk finds a new issue in a project, and one for when new remediations available. Instead of receiving two emails, you will now receive a combined email in the event that Snyk finds either, or both.
We’ve also improved the design of these emails so they present you with clearer information.
Configuring a default notification policy
To customise the emails all your organisation’s members receive, if you’re an admin, head over to your organisation settings area. Customising options here will trickle down to all of your organisation’s members. However, a member of this organisation can override these default settings in their own account settings if they wish.
Project level customisation
Some of our users asked for the ability to opt out of notifications for particular projects, often because they were being managed by someone else on the team. So as well as being able to customise the notifications you receive on an org-level basis, you can now also refine this further by project in your account settings. We recommend setting blanket rules for your orgs (which new projects in that org will inherit), which you can then override for particular projects. A new project will inherit the notification defaults for the org it belongs to.
Another common request was to only receive emails for particular types of issues – often different individuals on a team will tackle the license issues and the security vulnerabilities. You can now customise which type of emails you get in your account settings. If your plan doesn’t include licenses, this option will be shown as disabled and you’ll only receive notifications about security vulnerabilities.
If you only want to be emailed about high severity issues, this is also possible, both on the project level and org level.
As well as being able to tailor the emails you get about issues, you can also customise the other types of core emails, such as whether you want weekly reports, whether you want to be alerted when you are approaching your test limit (on the free plan), and whether you want to be notified when a test report for a serverless project has been generated and is ready to view.
Try it out!
We started adding this functionality in our last all-hands, and we’ve now released this feature for everyone. We hope this will increase the signal to noise you get with your security notifications, and as a result help you stay secure.
Snyk is Now Integrated with Chrome's Lighthouse
DigitalOcean Used Snyk to Resolve a Critical Ruby Gem Vulnerability in a Single Day
March 28, 2018DigitalOcean found and fixed a critical vulnerability within one day of disclosure using Snyk's automated remediation system.
Subscribe to The Secure Developer Podcast
A podcast about security for developers, covering tools and best practices.
Interested in web security?
Subscribe to our newsletter: