Using the Vanta and Snyk integration, Vanta will collect projects and vulnerabilities from Snyk and display them under a new tab on the vulnerabilities page. You’ll be alerted if new vulnerabilities are added as well as if any of your vulnerabilities are approaching SLAs, so you can track remediation!
Connecting Vanta & Snyk
- Verify that your current Snyk plan supports Rich API
- From Vanta, open the Integrations page and go to the Available tab
- Find Snyk and click Connect
- After clicking connect, the following pop-up will appear
- Add the API token from your Snyk account
- Select the correct Organization you want to integrate with Vanta
- Alternatively, you may provide the API token from a service account
- For every API Request, a Service Account is necessary to generate a token with the correct permissions. Ideally, users should have a Group Viewer token to have read-only access to all Snyk API Endpoints
- Ensure you are in the correct Snyk Group and Organization
- Select Validate and Store
Snyk Groups & Organizations
- Snyk can segment its user base into Groups, and these groups can also be divided into Organizations.
- You can choose how you would like to filter your resources by selecting Manage followed by Edit groups and organizations
- Choose how you would like to filter your resources, and select Save