Shifting left security incident management with the Snyk & Opsgenie integration
Jay Yeras
2021年2月24日
0 分で読めますWe're excited to announce a new integration with Opsgenie, making it easier to further integrate security into existing incident management and operations workflows. This integration is based on Snyk's new custom webhooks API beta release announced last week.
We often tout the benefits of modern software development and digital transformation as cloud computing, containers, DevSecOps methodologies and other innovations transform organizations. Yet these advances also create noise that is often hard to tune out. An overflowing email inbox, reports lost in a flood of information overload, calendar creep...not to mention the list of tools that goes on and on.
The downside of traditional incident management is the lack of scalability and automation
Traditional incident management is not only too manual but it cannot scale to support distributed modern cloud infrastructure configurations.
Traditional incident management, something common to anyone in operations, involved monitoring tools and on-call alerts, systems administrators reviewing system and application logs and ultimately often pulling in the development team. Only to discover much later that the system was a victim of a denial of service attack. Yet, a postmortem would reveal the development team updated the application code and introduced a vulnerability. If everyone had only known sooner, think of the many hours everyone would have back?
This may seem like an over-dramatized relic of the past, but if you are a digital veteran like me, you have likely experienced events like this. I will even go a step further and say that I suspect some organizations still experience this today.
This also impacts modern developers—their job has gradually become more complex over the years. Today, highly specialized skills and diverse knowledge is required in many relevant areas. Case in point: security. This is why the Snyk Security Platform adds immense value. It offers clear and accurate insights into potential security issues in your code without requiring becoming a security subject matter expert. Snyk seamlessly integrates into your developer workflow to provide comprehensive security coverage across the entire software development lifecycle.
So, how do we tune out the noise and focus on security incidents and things that matter?
The flexibility and extensibility of the Snyk platform is integral to many of our partnerships, including our increasingly deeper collaboration with Atlassian.
Last year, we enhanced end-to-end security for Bitbucket Cloud development workflows beyond the existing integration with Bitbucket Cloud. We added support for Code Insights, an enhanced Snyk Pipe and other valuable features to bring security to the forefront of the developer workflow.
Introducing flexible security tooling that recognizes development workflows and changes with them
We are now excited to announce another milestone with Atlassian, providing incident alerts within Opsgenie and on-call management.
Snyk recognizes that development workflows are constantly changing, which requires security tooling that is flexible enough to change with them. This new integration is a perfect example of this. It leverages the Snyk API and extensibility and our new custom webhooks to seamlessly insert Snyk’s security automation into Opsgenie workflows.
This Atlassian article “The importance of an incident postmortem process” documents the path to better incident management with Opsgenie. When applying this process, developer teams gain “a chance to uncover vulnerabilities in your system. An opportunity to mitigate repeat incidents and decrease time to resolution. A time to bring your teams together and plan for how they can be even better next time.”
The reality is that it is unrealistic to expect an absolute immutable deployment that is immune to incidents. Change is inevitable. It is also a necessary part of software development. However, incidents can be mitigated by introducing security early in the process with mechanisms that support a proactive response to potential issues.
How does the Snyk integration help with security incident management?
Snyk’s integration with Opsgenie allows you to achieve this by proactively alerting you of any changes in your source code that introduce vulnerabilities. The moment a new vulnerability is discovered, an alert is triggered and your on-call is able to respond to the issue before it becomes an incident.
Opsgenie provides you with actionable and reliable alerting that is further enriched by Snyk’s integration, which includes detailed contextual information on security vulnerabilities.
From within the Opsgenie console you can obtain details about the issue and link to the Snyk Intel Vulnerability database for fix advice.
In this new Opsgenie blog post, Kate Clavet shares how easy-to-use and comprehensive Snyk’s Custom Webhooks API is, detailing how automated security and vulnerability management will enhance the Opsgenie user experience.
The Snyk Webhooks integration for Opsgenie allows you to be notified of Snyk system events, enabling you to build notifications and react to changes in your projects. When events are triggered, Snyk sends HTTP POST requests to Opsgenie for those events, with the information you need to get ahead of an issue before it reaches production and impacts your business.