Snyk Documentation

Artifactory Snyk plugin overview

Install Snyk plugin directly on the Artifactory server to track open source vulnerabilities and license details in your cached artifacts.

Once installed, Snyk plugin runs in the background and automatically:

  1. Blocks devs from downloading packages with vuln / license issues according to a predefined threshold that the admin sets
  2. Adds vuln and license data from Snyk as properties in artifact
  3. Continuously monitoring cached artifacts and update their vuln and license data from Snyk (coming soon)

By scanning artifacts as part of your workflow and then displaying those test results directly from the Artifactory UI, the Snyk plugin enables you to more quickly track and identify issues that risk your application’s security and avoid using those artifacts in your projects.

This plugin is available for Pro and Enterprise plans. 

This document describes: