• The List
  • Tools Powered by Snyk
  • Snyk CLI, Plugins, Extensions, Filters
  • SDKs
    • Python
    • JavaScript / TypeScript
    • Snyk API Helpers
  • IDE Plugins
  • Integration tooling
    • CI/CD
      • CircleCI
      • CodeShip
      • GitHub Actions
    • Container Registries
      • Artifactory CR
    • Issue & Project Management
      • Jira
    • Monitoring & Observability
  • Videos
  • Articles
  • Books
  • Slides
  • Labs
  • Podcasts
  • Trainings
  • Community
• License

• Snyk Advisor - Find the best package for your next project
• is-website-vulnerable - finds publicly known security vulnerabilities in a website's frontend JavaScript libraries
• Security Report - a CLi to responsibly disclose a security issue to the Snyk's security team

Useful in for running snyk locally and for automating CI/CD workflows

• Snyk CLI - The Snyk CLI
• Snyk asdf plugin - asdf plugin for Snyk. Easily manage multiple versions of Snyk CLI in your runtime environment
• Snyker - An opinionated CLI wrapper around Snyk for purging vulnerabilities from Node projects.
• snyk-to-html - Create template-based HTML artifacts from Snyk CLI JSON output; useful for generating build artifacts
• snyk-issues-to-html - This command line utility uses the Snyk API to export the list of all reported issues for a Snyk organization to a static HTML page.
• snyk-disallow - Create and manage a list of unwanted dependencies against which you can test your application with Snyk
• snyk-filter - Filter CLI test results and/or fail CI builds using custom criteria
• snyk-licenses-texts - Generate a Snyk organization-level report showing licenses and copyright attribution for all dependencies in use
• snyk-delta - Prevent new vulns feature for CLI projects, comparing the the delta between your current test and an existing snapshot. Particularly useful when running CLI-based scans, like in your local environment, git hooks, etc.\
• snyk-cli-with-longformprojectname - It contains --longformprojectname option, allowing project versions to be appended to the project name. Addressing very specific needs primarily around maven projects. This project is continuously updated and in sync with github.com/snyk/snyk
• snyk-scm-refresh - Keeps Snyk projects in sync with their associated Github or Github Enterprise repos
• helm-snyk - Check for vulnerabilities in container images referenced in your helm charts
• Snyk User Sync Tool - sync user org memberships from an external source into Snyk
• Snyk History Scanner - A very thin wrapper around the Snyk CLI tool to make it possible to monitor specific versioned releases of software
• snyk2spdx - Convert Snyk CLI output to SPDX format
• snyk-cleanup-archived-github-repositories - Remove archived repositories from Snyk
• snyk-watcher-lambda - snyk-watcher is triggered via a Gitlab System Hook which calls an AWS Lambda via AWS API Gateway. Keeps Snyk projects in sync with their associated Gitlab Enterprise repos

• PySnyk - A Python client for the Snyk API
• python-snyk-test - A tool that wraps pysnyk library for easier usage from command line interfaces.

• dep-graph - TypeScript package for representing a dependency graph for use with the Snyk dep-graph testing API https://github.com/snyk-tech-services/snyk-api-ts-client

• API Import by Snyk Tech Services team
• Snyk Request Manager by Snyk Tech Services team
• Collection of Snyk admin scripts by Bink

• InteliJ Snyk plugin - Detect and fix security issues in your project
• Eclipse Snyk plugin
• Vuln Cost - Security Scanner to find and fix vulnerabilities in JavaScript and TypeScript.
• VS Code Snyk - A Snyk plugin for Visual Studio Code
• PyCharm Security plugin - Anthony Shaw author of PyCharm Security plugin added support for Snyk for versions >= 1.13.0 of the plugin.

• Snyk CI/CD Integration Examples

• Circle CI Snyk Orb - This orb uses Snyk to find, fix and monitor known vulnerabilities in your app dependencies and docker image

• Snyk in Codeship

• Propagate Python Fix - Propagates fixes injected into requirements.txt into requirements.in
• Prevent job from CircleCI - Sample gradle project with CircleCI pipeline saving the test output for snyk to pick up in github action
• Test PNPM projects - Allows PNPM projects to be scanned in a similar manner NPM projects on Snyk.

Snyk CR Monitor - Monitor container images in on-premise Artifactory container registries with Snyk

https://github.com/snyk-tech-services/jira-tickets-for-new-vulns

• Lunarway's Prometheus exporter for Snyk - Prometheus exporter for Snyk
• prometheus_snyk_exporter - Gathers security vulnerability metrics from snyk.io for use in Prometheus monitoring https://github.com/snyk-tech-services/backstage-plugin-snyk

• An Introduction to Snyk - Open Source Security
• HackTheBox CA CTF - Using Snyk to Find & Fix Vulnerabilities
• Find Vulnerabilities In Your Code With Snyk
• Open Source Vulnerability Scans | Snyk | #6MinuteSaturdays | Tech Primers

• Q&A with Snyk on security, npm and the Node.js Foundation
• Use Snyk security policies to prioritize fixes more efficiently
• How to publish Node.js Docker images to Docker Hub registry using GitHub Actions
• This Is How We Use Snyk to Protect Our Open-Source Projects from Bad Dependencies
• Angular vs React: the security risk of indirect dependencies
• Snyk Security Scan Installation and Configuration in Azure Pipelines — DevOps Roadmap

• Securing Open Source Libraries
• Cloud Native Application Security
• Continuous Delivery for Infrastructure as Code

• A New View of Your Application Security Program with Snyk and ThreadFix
• AWS live hack: Atlassian + Snyk OSS on AWS

• Learn to scan Docker Containers with Snyk

• Apple Podcasts
• Spotify

• Snyk Learn

• Discord
• Twitter
• Snyk Ambassador Program

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.