Initial team rollout
Invite your stakeholders to explore Snyk features and integrate security into their workflows. After this step, your teams can fix issues, monitor pipelines, and manage vulnerabilities using integrations like Jira.
Follow these steps to roll out Snyk to your teams:
Configure notifications: Set up email alerts to ensure users receive relevant information without being overwhelmed.
Announce Snyk: Communicate the rollout to developers using standardized templates.
Provide training: Direct users to Snyk Learn for product and security education.
Deploy IDE plugins: Enable developers to find and fix issues locally before they commit code.
Configure notifications
Key decision: Determine the notification volume. Snyk recommends disabling all email notifications during the initial import to prevent alert fatigue.
Managing notifications ensures that developers only see high-priority issues that require action.
Instruct administrators to manually enable the critical alerts through their personal settings if they need to monitor progress.
Once the environment is stable, enable notifications in bulk for High and Critical severities only.
Disable all email notifications for new Organizations.
Navigate to Group > Settings to view the notification defaults overview.
Announce Snyk to your teams
Key decision: Assess the current comfort level of your development team. If they are new to security automation, disable intrusive features like Automatic PRs until they have completed initial training.
Use these templates to introduce Snyk. Replace the bracketed text with your specific details.
Email template
To: Developers
Subject: Launching Snyk at [Company name]
Hi all,
I’m excited to announce that we’re implementing Snyk at [Company name]
[optional: add personalized video, if desired]
Snyk will help us [enter your goal(s)].
As part of the launch process, we’ll invite you to a short “Intro to Snyk” and Q&A session to learn more about Snyk and the products we’re implementing. You’ll also have the opportunity to attend a developer training session and get access to Snyk Learn for self-paced tutorials to help you get started.
We’re looking forward to building secure applications together, with less frustration and interruption to your workflows for addressing security issues.
More info can be found at [hyperlink to your internal resource page/wiki with more info].
Regards,
_____ [Sender]
Instant message template
To: Developers
Subject: Launching Snyk at [Company name]
Hi all,
I’m excited to announce that we’re implementing Snyk at [Company name]
[optional: add personalized video, if desired]
Snyk will help us [enter your goal(s)].
As part of the launch process, we’ll invite you to a short “Intro to Snyk” and Q&A session to learn more about Snyk and the products we’re implementing. You’ll also have the opportunity to attend a developer training session and get access to Snyk Learn for self-paced tutorials to help you get started.
We’re looking forward to building secure applications together, with less frustration and interruption to your workflows for addressing security issues.
More info can be found at [hyperlink to your internal resource page/wiki with more info].
Regards,
_____ [Sender]
Provide developer training
Key decision: Match the training to the user persona. Use security education for novices and product training for those needing to master Snyk-specific workflows.
Snyk Learn security education: Teaches general security concepts, such as NoSQL injection and server-side request forgery.
Snyk Learn product training: Provides role-based learning paths for developers and administrators on the Snyk platform.
Engage development with IDE plugins
Key decision: Evaluate the maturity of your AppSec program. For new programs, introduce plugins as a tool to validate fixes for prioritized issues. For mature programs, provide immediate access to prevent new issues from entering the codebase.
Snyk IDE plugins allow developers to find and fix vulnerabilities before they reach the CI/CD pipeline. This shift-left approach reduces the time spent on security reviews.
Identify the primary IDEs used by your teams (VS Code, JetBrains, Visual Studio, or Eclipse).
Provide installation guides for the relevant Snyk IDE extension.
Configure regional hosting: If your application is on the EU or AU data center, specify the regional URL in the plugin settings.
Last updated
Was this helpful?