SupportAPI docsProduct updatesSign up for free
Search…
Snyk User Documentation
Introducing Snyk
Snyk products and environments
Snyk languages and integrations
Snyk's core concepts
Groups, organizations, and users
Notifications
Reporting
Severity levels
Running tests
Snyk settings
Snyk intel vulnerability DB
Snyk Business Trial Limitations
Glossary
Introduction to Snyk targets and projects
Implementing Snyk in your teams
Getting started
Snyk Web UI
Snyk CLI
Snyk API
Snyk for IDEs
Snyk Apps
Snyk Integrations
SNYK PRODUCTS
Snyk Open Source
Snyk Code
Snyk Container
Snyk Infrastructure as Code
USING SNYK
Snyk Broker
User and group management
Fixing and prioritizing issues
Reports
Snyk Tools
SNYK INFO
Disclosing vulnerabilities
How Snyk handles your data
Snyk Partner workshops
Powered By GitBook
Snyk intel vulnerability DB

Introduction

Our vulnerability database contains the key security information used by our Snyk products to find and fix code vulnerabilities.
For customers who already have their own products, you can still benefit from Snyk’s expertise and accumulated knowledge, with access to this database, giving your development teams access to trusted intelligence, allowing them to rapidly secure open source and container code.

Process overview

  1. 1.
    Snyk helps you to set an integration up for your company.
  2. 2.
    Snyk provides documentation with instructions for access.
  3. 3.
    Snyk sends you DB information, typically as a JSON file, containing the DB information (see sample code) Note: we recommend that you save the file in a database.
  4. 4.
    You write code to use the DB information in your systems.

About the DB

A team of security experts and analysts manages Snyk's security database to ensure the database maintains high accuracy and eliminates false positives.
  • All items in the database are analyzed and verified.
  • The team also invests in proprietary research to discover new vulnerabilities. See our disclosed vulnerability list.

Database feeds

Snyk’s security database includes two feeds:
  • ​Application security vulnerabilities: supporting Snyk Open Source, with manually-curated content and summaries, including code snippets where applicable.
  • Linux OS vulnerabilities, supporting Snyk Container.
Both feed options can be licensed directly.
Previous
Snyk settings
Next
Snyk Business Trial Limitations
Last modified 8d ago
Export as PDF
Copy link
Edit on GitHub
Contents
Introduction
Process overview
About the DB
Database feeds