Snyk Integration

Overview

Panoptica's Snyk integration enables Panoptica users to view their Snyk violations in the Panoptica platform. The Panoptica Snyk integration is based on the Snyk API. Panoptica retrieves CVE findings from Snyk projects, and categorizes them by origin (github, gitlab, bitbucket, etc.) and project type (dockerfile, pip, gomodules, etc.).

Integration Steps

The Snyk integration is configured from Panoptica's Settings page: Settings > Integrations > Snyk. The Panoptica Snyk integration is based on your Snyk token and Organization ID.

  1. Access Token
    In your Snyk dashboard, go to Settings > Service accounts. Create a service account and save the API token that was generated.

  2. Organization ID
    In the Snyk dashboard, go to Settings > General. You will find your Organization ID under the Organization ID tab.
    https://snyk.io/org/{your-org-name}/manage/settings

  3. In the Daily Schedule field, enter the schedule for your scan to take place.
  4. Select the Enabled checkbox to enable the scan.

Once you have entered your information, click the Test Snyk Connection button to test your integration. After the first Snyk scan is complete, you can view your Snyk CVE findings in the Panoptica platform, under the Vulnerabilities tab. Additionally, you can select the Snyk Scan filter to specifically view your Snyk findings, as shown below.
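
Before entering the token and Organization ID in Panoptica, you can confirm that the pair works against the Snyk API and see which origins and project types the service account can reach. The script below is an added example, not Panoptica's code or its retrieval logic; the REST base URL, the version date, the environment variable names SNYK_TOKEN and SNYK_ORG_ID, and the sample response are assumptions.

```python
"""Pre-flight check for the two values Panoptica asks for (added example)."""
import json
import os
import uuid
from collections import Counter
from urllib.error import HTTPError
from urllib.request import Request, urlopen

API_BASE = "https://api.snyk.io/rest"  # assumption: default Snyk REST endpoint
API_VERSION = "2024-10-15"             # assumption: a supported REST version date


def build_projects_request(org_id: str, token: str) -> Request:
    """Build the project-list request; raises ValueError if org_id is not a UUID."""
    org = str(uuid.UUID(org_id))  # catches pasting the org name instead of the ID
    url = f"{API_BASE}/orgs/{org}/projects?version={API_VERSION}&limit=100"
    return Request(url, headers={"Authorization": f"token {token}",
                                 "Accept": "application/vnd.api+json"})


def group_projects(payload: dict) -> Counter:
    """Count projects per (origin, project type) in one page of results."""
    counts = Counter()
    for project in payload.get("data", []):
        attrs = project.get("attributes", {})
        counts[(attrs.get("origin", "unknown"), attrs.get("type", "unknown"))] += 1
    return counts


# Constructed sample response (not real data), trimmed to the fields used above.
SAMPLE = {"data": [
    {"attributes": {"name": "acme/api:requirements.txt", "origin": "github", "type": "pip"}},
    {"attributes": {"name": "acme/jobs:requirements.txt", "origin": "github", "type": "pip"}},
    {"attributes": {"name": "acme/web:Dockerfile", "origin": "gitlab", "type": "dockerfile"}},
]}

if __name__ == "__main__":
    # Read the secret from the environment so it is not hard-coded in the script.
    req = build_projects_request(os.environ["SNYK_ORG_ID"], os.environ["SNYK_TOKEN"])
    try:
        with urlopen(req, timeout=30) as resp:
            page = json.load(resp)  # first page only; pagination is not followed
    except HTTPError as err:
        raise SystemExit(f"Snyk rejected the request: HTTP {err.code}")
    for (origin, ptype), n in sorted(group_projects(page).items()):
        print(f"{origin:12} {ptype:12} {n}")
```

An HTTP 401 points at the token, while a 404 on a well-formed UUID usually means the service account does not belong to that organization.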