
Running scans

You can use Snyk to scan your code:
  • Manually: using the Snyk CLI, the Snyk Web UI, and the Snyk API.
  • Automatically: after Project import, with the snyk monitor CLI command, or with PR Checks that scan new PRs.
To start using Snyk scanning capabilities for open-source libraries, container images, and application code, see Start scanning.
Scans may be limited on your account, depending on your Pricing Plan. See What counts as a scan? for more information.

Scan manually

Using the CLI

You can use the following Snyk CLI commands:
  • Scan open-source code with snyk test.
  • Scan application code with snyk code test.
  • Scan container images with snyk container test.
  • Scan Infrastructure as Code (IaC) files with snyk iac test.

Using the Snyk Web UI

A scan runs when you import a Snyk Project (see Import a Project) or click the Retest now button on a Project.
See Exploring the Snyk Web UI for details.

Using the API

Scans are counted when calls are made to the https://snyk.io/api/v1/test endpoint.
See the API documentation for details.

Scan automatically

Using the CLI (snyk monitor)

Use the snyk monitor CLI command to create a snapshot of a project on the Snyk website that will be continuously monitored for new vulnerabilities.
Projects are scanned at the frequency you select in your settings; the default is daily. After using snyk monitor, you will have recurring scans running on monitored Projects.
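
The CLI commands above combined into one CI gate, as an added example that is not from the Snyk documentation: it runs the four test commands, classifies each result by the Snyk CLI exit code (0 no issues, 1 issues found, 2 failure, 3 no supported projects detected), and calls snyk monitor only when nothing was found. The image name, the function names, and the choice to skip snyk monitor on a failing gate are assumptions.

```shell
#!/bin/sh
# Added example (not from the Snyk docs). Assumes the snyk CLI is installed
# and authenticated; IMAGE is a constructed placeholder.
IMAGE="${IMAGE:-example/app:latest}"

# Map a Snyk CLI exit code to a label:
# 0 = no issues, 1 = issues found, 3 = no supported projects, other = failure.
classify_exit() {
  case "$1" in
    0) echo clean ;;
    1) echo issues ;;
    3) echo skipped ;;
    *) echo error ;;
  esac
}

# Run one scan command and record its outcome in $issues / $errors.
# Always returns 0 so that one finding does not stop the remaining scans.
run_scan() {
  name="$1"; shift
  rc=0
  "$@" || rc=$?
  result=$(classify_exit "$rc")
  echo "[$name] exit=$rc -> $result" >&2
  case "$result" in
    issues) issues=1 ;;
    error)  errors=1 ;;
  esac
}

# Run all four scan types, then snapshot with snyk monitor if the gate is clean.
# Returns 2 if any scan failed to run, 1 if any scan found issues.
scan_gate() {
  issues=0; errors=0
  run_scan open-source snyk test
  run_scan code        snyk code test
  run_scan container   snyk container test "$IMAGE"
  run_scan iac         snyk iac test
  if [ "$errors" -eq 1 ]; then return 2; fi
  if [ "$issues" -eq 1 ]; then return 1; fi
  snyk monitor
}

# Run the gate only when invoked as: sh scan_gate.sh --run
if [ "${1:-}" = "--run" ]; then
  scan_gate
  exit $?
fi
```

Treating exit code 3 as skipped keeps the gate from failing on a repository that has no files for one of the scan types; a run failure (exit code 2 or a missing CLI) is reported separately from findings so it is not mistaken for a clean result.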

Using the Snyk Web UI

After you import a Project, Snyk automatically runs periodic scans on that Project, to see if your code is affected by newly disclosed vulnerabilities.
The default scan frequency and available frequencies vary depending on the type of Project: Open Source, Code analysis, Container, or IaC. For more information, see Usage page details. You can also set frequency in the Project Settings (see View project settings) or use the Snyk REST API: see Updates project by project ID.

Using PR Checks

Snyk can scan every new Pull Request (PR) submitted on your monitored repositories to help prevent new vulnerabilities from being added to your codebase.
See Run PR Checks for details.