Start scanning
You can use Snyk to scan your code manually and automatically using the Snyk CLI, the Snyk Web UI, the Snyk API, and by running PR Checks.
Scans (tests) may be limited on your account, depending on your pricing plan. For more information, see What counts as a test?
Features | Snyk Web UI | Snyk CLI | Snyk API | PR Checks |
---|---|---|---|---|
Auto scanning | ✔️ | ✔️ | ✔️ | ✔️ |
Manual scanning | ✔️ | ✔️ | ✔️ | ➖ |
Local scans | ➖ | ✔️ | ➖ | ➖ |
Incorporate into the CI/CD pipelines | ➖ | ✔️ | ➖ | ➖ |
Obtain results precisely reflecting the Project vulnerabilities and configurations | ✔️ | ✔️ | ✔️ | ✔️ |
Scan using the CLI
See Getting started with the CLI for more details.
Use the following Snyk CLI commands for specific scanning methods:
Command | Function | More details |
---|---|---|
| | Scan open-source code | |
| | Scan application code | |
| | Scan container images | |
| | Scan infrastructure as code (IaC) files | |
| | Continually monitor a Project for new vulnerabilities | |
Scan using the Web UI
A scan runs when you import a Snyk Project (see Import a Project to scan and identify issues) or click the Retest now button on a Project. Snyk then automatically runs periodic scans on that imported Project to check whether your code is affected by newly disclosed vulnerabilities.
See Explore Snyk through the Web UI.
The default scanning frequency and the available frequencies vary depending on the type of Project. For more information, see Usage settings. You can also set the frequency in the Project Settings (see View and edit Project settings) or use the API endpoint Updates project by project ID.
Scan using the API
The Snyk API offers a set of endpoints to test your code. Scans are counted when calls are made to the test endpoint.
For details, see the API Test endpoint documentation.
Using PR Checks
Snyk can scan every new Pull Request (PR) submitted on your monitored repositories to help prevent new vulnerabilities from being added to your codebase.
See Pull Request Checks for details.