View and report on all of your Snyk Infrastructure as Code configuration issues
6 avril 2021
0 minutes de lectureWe’re pleased to announce support for viewing all of your Snyk Infrastructure as Code (Snyk IaC) configuration issues in the reporting functionality of the Snyk platform.
You can now view a complete picture of the open issues across your application, covering vulnerabilities from open source libraries and container images, licenses, and now configuration issues from your Kubernetes and Terraform files. Snyk’s reports provide you a high level view of the number of issues you have open now, as well as a longer term trending view that allows you to see how quickly issues are being resolved. With the addition of the configuration issues that are discovered by Snyk IaC, you can now see different components of your application reported in the same view, giving you a broader picture of your application’s security.
Snyk reporting
The reporting dashboard provides a high level summary view, showing trends over time and how long issues have been open. This enables you to easily get a snapshot view of where you are today and work with teams to help them progress.
You can also drill down to view issues specifically related to configuration, allowing you to get a more detailed view of how secure your Kubernetes & Terraform deployments are. If you have used Snyk’s reports before, you’ll notice there is a new issue type called Configuration in the filters, to help quickly sort these issues from vulnerabilities and license compliance issues:
You can view a full list of open issues, where you can see the severity of the issue and the project in which it was found. At the issues level, you can use the Issues Filterto further refine the view to Kubernetes, Helm, or Terraform issues, or all of the above:
Of course, one option that many customers prefer is to programmatically work with the data externally by integrating with our API (check out our API Wednesdaysseries if you want to dig deep on the Snyk API), or exporting the data to CSV from the Issues tab in reporting, both of which are available now with your Snyk IaC data.
The ability to view reports of your configuration issues is available today for all paid Snyk Infrastructure as Code customers. For more information, view the Snyk IaC documentation.
Une infrastructure sécurisée à la source
Snyk automatise la sécurité et la conformité de l’IaC dans les workflows, et détecte les ressources manquantes ou ayant dérivé.