Vanta & Snyk Integration

  • Updated

Using the Vanta and Snyk integration, Vanta will collect projects and vulnerabilities from Snyk and display them under a new tab on the vulnerabilities page. You’ll be alerted if new vulnerabilities are added as well as if any of your vulnerabilities are approaching SLAs, so you can track remediation! 

Connecting Vanta & Snyk

  • Verify that your current Snyk plan supports Rich API 
  • From Vanta, open the Integrations page and go to the Available tab
  • Find Snyk and click Connect


mceclip0.png

  • After clicking connect, the following pop-up will appear

  • Add the API token from your Snyk account
    • Select the correct Organization you want to integrate with Vanta
  • Alternatively, you may provide the API token from a service account 
    • For every API Request, a Service Account is necessary to generate a token with the correct permissions. Ideally, users should have a Group Viewer token to have read-only access to all Snyk API Endpoints
  • Ensure you are in the correct Snyk Group and Organization
  • Select Validate and Store

Snyk Groups & Organizations

  • Snyk can segment its user base into Groups, and these groups can also be divided into Organizations.
  • You can choose how you would like to filter your resources by selecting Manage followed by Edit groups and organizations 

Screenshot 2024-04-24 at 4.18.18 PM.png

  • Choose how you would like to filter your resources, and select Save

Screenshot 2024-04-24 at 4.21.07 PM.png