Code Dx Enterprise integration

Feature availability: This integration relies on the Snyk API, which is available on paid Snyk plans. Contact your Snyk team for details.
Code Dx Enterprise automates the workflows needed to centralize finding, analyzing, and fixing security vulnerabilities across disparate security tools.
Code Dx orchestrates scan automation, automates triage, and prioritizes tracking and fixing of vulnerabilities, while continuously assessing security risks across the entire software lifecycle. The Code Dx-Snyk connector allows Snyk SCA and Container scanning customers to pull open source and container vulnerabilities into Code Dx programmatically. This allows Code Dx to de-duplicate, normalize, and correlate all the findings and offer a single, coherent thread of prioritized issues.

How Code Dx works

The Code Dx connector uses the Snyk APIs directly to retrieve Project issues, format the results, and ingest them into Code Dx Enterprise. Code Dx also optionally supports JSON file-based ingestion.
Follow these steps to get started:
  1. Retrieve the Snyk API Key from the Snyk UI. See Service accounts.
  2. Select the Snyk Connector from the Tool Connectors Section for your Code Dx Project. For additional details on configuring data sources, see the CodeDx community.
  3. Specify the Snyk Server URL, the API token, and the Organization, and check the "Scan projects that start with selected project name" option to pull in consolidated results for all related Projects, including nested Projects within a parent.
Configure Tool Connector

Visual representation of the results from Snyk in Code Dx

Results from Snyk in Code Dx