Getting started

What is Snyk?

Snyk is a platform that allows you to scan, prioritize, and fix security vulnerabilities in your code, open-source dependencies, container images, and infrastructure as code configurations.

The Snyk developer-first approach

Snyk provides visibility in a developer’s workflow and actionable insights. The benefit is engaging developers in security practices as part of their development work. Thus, the focus is on building a secure application rather than overhead-intensive work, such as putting in hard QA gates.

Developers now assemble applications with a combination of proprietary and open-source code, run that code in containers, and then deploy with infrastructure as code configurations using technologies like Kubernetes and Terraform.

A robust security process secures each of these components where they are built and maintained. Snyk integrates into DevOps processes to work with developers using the methods each prefers, while following and supporting industry best practices. Snyk integrates directly into your IDEs, workflows, and automation pipelines to add security expertise to your toolkit.

Use Snyk in your workflow

  • Secure your code: use Snyk Open Source to fix vulnerabilities in your open source dependencies and Snyk Code to fix vulnerabilities in your source code.

  • Secure your containers: use Snyk Container to fix vulnerabilities in container images and Kubernetes applications.

  • Secure your infrastructure: use Snyk Infrastructure as Code (IaC) to fix misconfigurations in Terraform, CloudFormation, Kubernetes, and Azure templates. Use IaC+ to fix misconfigurations in Amazon Web Services accounts, Microsoft Azure subscriptions, and Google Cloud Projects.

Choose how to run Snyk

You can run Snyk in the following ways:

  • Web: the Snyk Web UI (app.snyk.io) provides a browser-based experience with functions such as configuration settings, filtering and fixing discovered issues, and reports.

  • CLI: the Snyk Command Line Interface enables you to run vulnerability scans on your local machine and integrate Snyk into your pipeline.

  • IDEs: the Snyk IDE integrations enable you to embed Snyk in your development environment.

  • API: the Snyk API enables you to integrate with Snyk programmatically, tuning Snyk security automation to your specific workflows.

This video shows using the CLI to scan for vulnerabilities.

How can Snyk work in my environment?

The Snyk tech stacks that are supported depend on the Snyk product you use:

What can Snyk integrate with?

Snyk integrations for your software development process allow you to integrate Snyk into your development and security processes, including source control, IDE, CI/CD, and many others.

See Integrate with Snyk for details.

What does Snyk cost?

Snyk has several pricing plans available, from free to Enterprise. See Snyk Pricing Plans.

What happens to my data?

See How Snyk handles your data for details of Snyk data handling.

Last updated

More information

Snyk privacy policy

© 2023 Snyk Limited | All product and company names and logos are trademarks of their respective owners.