You can use Snyk to scan and secure your codebase and cloud infrastructure configurations, taking advantage of the Snyk capabilities in Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Infrastructure as Code analysis.
Select scanning methods
Implement a workflow to secure your code and infrastructure in your environment using the scanning methods provided by Snyk products:
Snyk Code: Scan your codebase for known vulnerabilities and get remediation guidance either inline in your IDE or by importing your code repository to Snyk Web UI. More information: Exploring the advanced technologies behind Snyk Code.
Snyk Container: Find and automatically fix container and workload vulnerabilities.
Scan infrastructure: Secure cloud infrastructure configurations before and after deployment.
Snyk has several features that help you determine which issues are the most important for you to fix and the sequence in which to fix the issues.
See Find and manage priority issues for details.
Run pull request checks
Scan and automatically address potential vulnerabilities when you review pull requests (PRs), to prevent security issues in production.
For more information, see Run PR checks.