Snyk announces new Slack integration
Sarah Conway
30 mai 2023
0 minutes de lectureWe’re excited to announce a new Snyk app for Slack that provides notifications within the channels your teams rely on to address security issues in your code, open source dependencies, containers, and cloud infrastructure. Your developer teams get the notifications that matter the most, in their preferred collaboration platform, so they can act on them immediately.
By providing a Slack-native experience, the new Snyk app makes it easier to view and use Snyk data in Slack channels — and so much more, including:
Reducing context switching to resolve application security issues directly within Slack.
Setting alerting thresholds to minimize disruption, noise, and risk.
Enhancing collaboration and productivity across multiple teams by discussing, prioritizing, and applying suggested fixes to vulnerabilities in a single place.
Snyk is working to increase developer productivity and build custom workflows to automate common actions in Slack, which empowers organizations to shift left by securing code as early as possible.
At Slack, we value providing an optimal experience for developer communities, whether they're building automations on Slack or looking for ways to streamline their own organization's code security measures. We're excited that Snyk's new integration will give developers new and efficient ways to further automate security and actively manage risk.
- Steve Wood, SVP of Product, Platform at Slack
Snyk's developer-first approach to security complements Slack’s focus on enhancing productivity, collaboration, and automation. Using Snyk within Slack enables teams to proactively manage risk across multiple teams and stakeholders within organizations.
Scaling security insights
Scaling security requires more than just shifting left — developers must take accountability for security. That's why Snyk’s new Slack integration will deliver security insights natively within the channels and workflows developers prefer.
With the new Snyk app for Slack, developers and security teams receive real-time alerts in channels, offering immediate visibility into any new issues that Snyk has identified across all software components, including:
Code
Open source dependencies
Containers
IaC
Staying on top of new vulnerabilities, upgrades, and patches that can impact projects is challenging. With the new app, you can receive prioritized severity alerts without leaving Slack.
You can further enhance collaboration between security and development teams, and reduce application risk, by adding Snyk security insights to your Slack channels. Slack access controls protect sensitive data, while Snyk remediation advice ensures issues are fixed quickly. By setting relevant alerting thresholds and the relevant Slack channel, you get the timely information you need to make smart fix decisions without all the noise.
Snyk app for Slack: Getting started
The Snyk app for Slack provides vulnerability insights and actionable context for all your software projects in relevant Slack channels. Your teams get the notifications that matter the most and can act on them immediately.
All you need to get started are these simple instructions and a free account. For more details on setting up the new app, check out the Snyk app for Slack documentation.
1. Click on Slack App under Integrations on your Snyk Organization.
2. Connect Snyk to your Slack developer environment.
3. On the Snyk Organization’s settings page, configure your Snyk alert thresholds (low, medium, high, critical) and channel routing settings. If you wish to have Snyk message a private channel, you must add the “Snyk App for Slack” bot to that private channel before specifying it in the app’s settings.
4. Receive Snyk alerts and fix information in the destination Slack channel.
5. Comment, discuss, and collaborate.
6. Select the desired Snyk-proposed fix to resolve the security vulnerability.
Détecter et corriger automatiquement les vulnérabilités
Snyk fournit des PR de correction en un clic et des conseils de remédiation pour votre code, vos dépendances, vos conteneurs et votre infrastructure de cloud.