Snyk Integration

Overview

Panoptica's Snyk integration enables you to view your Snyk vulnerabilities in the Panoptica platform. Panoptica retrieves findings from Snyk projects using the Snyk API, and categorizes them by origin (GitHub, GitLab, Bitbucket, etc.) and project type (Dockerfile, pip, Go Modules, etc.).

To configure the integration, retrieve the details below from your Snyk account and enter them into Panoptica's console UI.

Retrieve Snyk Details

Log in to your Snyk account to retrieve an access token and your Organization ID:

  1. Access Token
    In your Snyk dashboard, go to Settings > Service accounts.
    Create a service account and save the API token that is generated.

  2. Organization ID
    Still logged into the Snyk dashboard, go to Settings > General.
    You will find your Organization ID under the Organization ID tab.
    https://snyk.io/org/{your-org-name}/manage/settings

Integration with Panoptica

Now you're ready to configure the Snyk integration via Panoptica's Settings page:

  1. Click Settings in Panoptica's main navigation pane, then select Integrations.

  2. Select Snyk to open the configuration screen.

  3. Enter the Access Token generated by setting up a Snyk service account (above).

  4. Enter the Organization ID you retrieved from your Snyk account (above).

  5. Under Daily Schedule, enter the time you would like the scan to take place.

  6. Click Test Connection to make sure everything is in order.

  7. Don't forget to click Save.

After the first Snyk scan is completed, you can view your Snyk vulnerability findings in Panoptica's Vulnerability Management. You can filter the results by selecting Snyk under Source Type in the Vulnerability Management filters.