Tailoring your notifications

The most common way for Snyk users to find out that they have an issue in their project is via our email alerts. It’s a core part of our service, but until recently, we didn’t have much in the way of configuration around what types of issues would trigger an email alert. As we scale our language support, enabling you monitor more projects in Snyk, we want you to feel better informed about the types of issues that matter to you, while making less noise about the issues that don’t.

Over the past few months, we’ve been tackling this in a few ways:

Two become one

We used to send out two separate email notifications — one for when Snyk finds a new issue in a project, and one for when new remediations available. Instead of receiving two emails, you will now receive a combined email in the event that Snyk finds either, or both.

We’ve also improved the design of these emails so they present you with clearer information.

Configuring a default notification policy

To customize the emails all your organization’s members receive, if you’re an admin, head over to your organization settings area. Customizing options here will trickle down to all of your organization’s members. However, a member of this organization can override these default settings in their own account settings if they wish.

Project level customization

Some of our users asked for the ability to opt out of notifications for particular projects, often because they were being managed by someone else on the team. So as well as being able to customize the notifications you receive on an org-level basis, you can now also refine this further by project in your account settings. We recommend setting blanket rules for your orgs (which new projects in that org will inherit), which you can then override for particular projects. A new project will inherit the notification defaults for the org it belongs to.

Notification types

Another common request was to only receive emails for particular types of issues – often different individuals on a team will tackle the license issues and the security vulnerabilities. You can now customize which type of emails you get in your account settings. If your plan doesn’t include licenses, this option will be shown as disabled and you’ll only receive notifications about security vulnerabilities.

Severity thresholds

If you only want to be emailed about high severity issues, this is also possible, both on the project level and org level.

More granularity

As well as being able to tailor the emails you get about issues, you can also customize the other types of core emails, such as whether you want weekly reports, whether you want to be alerted when you are approaching your test limit (on the free plan), and whether you want to be notified when a test report for a serverless project has been generated and is ready to view.

Try it out!

We started adding this functionality in our last all-hands, and we’ve now released this feature for everyone. We hope this will increase the signal to noise you get with your security notifications, and as a result help you stay secure.