Connect a third-party integration
The third-party integrations are available in a Closed Beta state and are applicable only to the Snyk AppRisk Pro version. Please contact your salesperson if you are interested in Snyk AppRisk Pro.
The Integrations page shows all active integrations, including data from your existing Snyk Organizations that is automatically synced and provides access to the Integration Hub.
You can customize your AppRisk integrations from the Integrations Hub where the following SAST and Secrets integrations are available:
SAST:
Verocode SAST
Checkmarx SAST
SonarQube
Secrets:
Nightfall
GitGuardian
Data synchronization may take up to two hours after receiving the Connected status from a new integration setup.
Veracode setup guide
Prerequisites
The Veracode application concept is matched into the Snyk AppRisk repository assets. You need to create and utilize the Veracode custom field by using the Veracode API. More details about the Veracode custom field are available here.
Ensure you are adding a custom field called repoURL:
Required parameters
API ID and API Key - API credentials associated with a user account. For more information, access this link: https://help.veracode.com/r/c_api_credentials3.
Integration Hub setup
Open the Integration Hub menu.
Select the SAST tag and search for Veracode.
Click the Add button.
Add the profile name for this integration.
Add the API ID from your Veracode account.
Add the API key from your Veracode account.
Click the Done button.
When the connection is established, the status of the Veracode integration is changed to Connected.
Checkmarx setup guide
Use the following instructions to set up your Checkmarx SAST integration. Checkmarx SAST integration is only working for the Checkmarx SAST, we are not yet supporting Checkmarx One.
Snyk AppRisk Pro does not currently support the Checkmarx One integration.
Prerequisites
Install and configure your Snyk Broker connection for Snyk AppRisk.
Required parameters
API URL - The URL of Checkmarx API, for example,
checkmarx.customer.com
.Username and Password - Credentials for a user account with Checkmarx SAST access.
Integration Hub setup
After you have installed and configured Snyk Broker for AppRisk and you successfully established a connection for Checkmarx SAST, you also need to configure the integration from the Snyk AppRisk Integration Hub.
Open the Integration Hub menu.
Select the SAST tag and search for Checkmarx.
Click the Add button.
Add the profile name for this integration.
Add the Broker token for the Snyk AppRisk Checkmarx integration.
Add the Checkmarx host. E.g.
checkmarx.customer.com
Click the Done button.
When the connection is established, the status of the Checkmarx integration is changed to Connected.
SonarQube setup guide
Required parameters
API Key. Here you can find more details about the SonarQube API Key.
Integration Hub setup
Open the Integration Hub menu.
Select the SAST tag and search for SonarQube.
Click the Add button.
Add the Profile name for this integration.
Add the API token. Navigate to your SonarQube account, select User, select My Account, select Security, and then User Token. Here you can find more details about the SonarQube API Key.
Click the Done button.
When the connection is established, the status of the SonarQube integration is changed to Connected.
Nightfall setup guide
Required parameters
API Key. Here you can find more details about how to create a Nightfall API key.
Integration Hub setup
Open the Integration Hub menu.
Select the Secrets tag and search for Nightfall.
Click the Add button.
Add the Profile name for this integration.
Add the Base API URL for this integration.
Add the API Key for this integration.
Click the Done button.
When the connection is established, the status of the Nightfall integration is changed to Connected.
GitGuardian setup guide
Required parameters
API Key. Here you can find more details about how to create a GitGuardian API Key.
When you create a GitGuardian API Key, remember that it works for both service accounts and personal access token.
Ensure that the following permissions are set as READ:
Incident (
mandatory
)Teams (
recommended
for GitGuardian paid accounts)
Integration Hub setup
Open the Integration Hub menu.
Select the Secrets tag and search for GitGuardian.
Click the Add button.
Add the Profile name for this integration.
Add the API Token for this integration.
Click the Done button.
When the connection is established, the status of the GitGuardian integration is changed to Connected.
Last updated