Skip to main content

Snyk announces new Slack integration

Artikel von:

Sarah Conway

feature-slack-partner

30. Mai 2023

0 Min. Lesezeit

We’re excited to announce a new Snyk app for Slack that provides notifications within the channels your teams rely on to address security issues in your code, open source dependencies, containers, and cloud infrastructure. Your developer teams get the notifications that matter the most, in their preferred collaboration platform, so they can act on them immediately.

By providing a Slack-native experience, the new Snyk app makes it easier to view and use Snyk data in Slack channels — and so much more, including:

  • Reducing context switching to resolve application security issues directly within Slack. 

  • Setting alerting thresholds to minimize disruption, noise, and risk.

  • Enhancing collaboration and productivity across multiple teams by discussing, prioritizing, and applying suggested fixes to vulnerabilities in a single place.

Snyk is working to increase developer productivity and build custom workflows to automate common actions in Slack, which empowers organizations to shift left by securing code as early as possible.

At Slack, we value providing an optimal experience for developer communities, whether they're building automations on Slack or looking for ways to streamline their own organization's code security measures. We're excited that Snyk's new integration will give developers new and efficient ways to further automate security and actively manage risk.

- Steve Wood, SVP of Product, Platform at Slack

Snyk's developer-first approach to security complements Slack’s focus on enhancing productivity, collaboration, and automation. Using Snyk within Slack enables teams to proactively manage risk across multiple teams and stakeholders within organizations. 

Scaling security insights

Scaling security requires more than just shifting left — developers must take accountability for security. That's why Snyk’s new Slack integration will deliver security insights natively within the channels and workflows developers prefer.

With the new Snyk app for Slack, developers and security teams receive real-time alerts in channels, offering immediate visibility into any new issues that Snyk has identified across all software components, including:

  • Code

  • Open source dependencies

  • Containers

  • IaC 

Staying on top of new vulnerabilities, upgrades, and patches that can impact projects is challenging. With the new app, you can receive prioritized severity alerts without leaving Slack. 

You can further enhance collaboration between security and development teams, and reduce application risk, by adding Snyk security insights to your Slack channels. Slack access controls protect sensitive data, while Snyk remediation advice ensures issues are fixed quickly. By setting relevant alerting thresholds and the relevant Slack channel, you get the timely information you need to make smart fix decisions without all the noise. 

Snyk app for Slack: Getting started 

The Snyk app for Slack provides vulnerability insights and actionable context for all your software projects in relevant Slack channels. Your teams get the notifications that matter the most and can act on them immediately. 

All you need to get started are these simple instructions and a free account.  For more details on setting up the new app, check out the Snyk app for Slack documentation.

1. Click on Slack App under Integrations on your Snyk Organization.

Button for the Slack App is highlighted under the notifications section of your integrations in the Snyk UI settings.

2. Connect Snyk to your Slack developer environment.

Authorization pop up asking for permission to send data from Snyk to Slack.
Pop up window asking user to grant permission for the Slack app to access user and organizational data from Snyk.
A final permission window where the Snyk for Slack app is requesting permission to access the organization's Slack workspace.

3. On the Snyk Organization’s settings page, configure your Snyk alert thresholds (low, medium, high, critical) and channel routing settings. If you wish to have Snyk message a private channel, you must add the “Snyk App for Slack” bot to that private channel before specifying it in the app’s settings.

Screenshot of the notification settings for the Snyk app for Slack, where users can customize notifications and set thresholds based on the severity of a vulnerability (e.g. only notify for critical/high severity vulns).

4. Receive Snyk alerts and fix information in the destination Slack channel.

5. Comment, discuss, and collaborate.

6. Select the desired Snyk-proposed fix to resolve the security vulnerability.

feature-slack-partner

Sie möchten Snyk in Aktion erleben?

Snyk interviewed 20+ security leaders who have successfully and unsuccessfully built security champions programs. Check out this playbook to learn how to run an effective developer-focused security champions program.