Snyk provides a seamless experience developers on the GitHub Platform. On top of being able to sign up for Snyk with GitHub credentials, our integrations allow you to quickly onboard repos as Snyk projects, integrate Snyk into GitHub Actions CI/CD, and consume results from Snyk Container and IaC in GitHub Code Scanning. Welcome to our Lab showing how to do all this, and more! We'll cover:

Creating a Snyk Account with GitHub

Signing up for Snyk with GitHub credentials is fast and easy.
We're also listed on the GitHub Marketplace!

Snyk's GitHub Integration

‌Snyk's GitHub integration allows developers to easily onboard their GitHub repositories to scan and continuously monitor them for open source security and license risks. This integration also enables Snyk's Automated Fix Pull Requests and adds Snyk checks on every Pull Request. For more information on GitHub Integration.

Snyk's GitHub Actions

Snyk provides GitHub Actions for scanning applications, containers, and IaC. GitHub Actions are integrated with GitHub events and leverage the Snyk CLI, granting total control over when and how to scan with Snyk. The integration with GitHub Security Code Scanning leverages GitHub Actions.

Snyk in GitHub Security Code Scanning

The GitHub Actions for Snyk Container and Infrastructure as Code support integration with GitHub Code Scanning to display vulnerability information in the GitHub Security tab.