Snyk AppRisk

Snyk AppRisk is a product that enables Application Security teams to implement, manage, and scale a modern, high-performing, developer security program. The product covers use cases under Application Security Posture Management (ASPM).

Overview

Snyk AppRisk builds upon the capabilities of Snyk Essentials by offering:

  • More sophisticated risk-based prioritization with runtime Insights, such as whether an app is deployed and public-facing, and whether vulnerable packages found by Snyk Open Source are actually used at runtime.

  • Manage security coverage for secrets detection tools: Assess coverage for secrets detection alongside Snyk's AST products.

  • Scalability for diverse environments: Robust security management across various development environments.


Features

Snyk AppRisk provides additional features beyond those available in Snyk Essentials:

  • Integrations with non-Snyk products to support security coverage and Insights use cases

  • Insights for runtime context - providing risk factors to help with risk-based prioritization.

  • Analytics for reviewing and comparing assets and issues metrics at the level of asset classes, applications, or code owners.

Prerequisites

  • You are a Snyk Enterprise customer.

  • Your account is entitled to access Snyk AppRisk.

  • You are a Group Administrator for the Group associated with Snyk AppRisk, or you are assigned a Group level role with permissions to View Group and Edit AppRisk.

  • The Group associated with Snyk AppRisk includes organizations that have onboarded Snyk application security products.

  • You have the necessary permissions to onboard cloud-based SCM tools (Azure DevOps, GitHub, GitLab, and so on) to Snyk AppRisk for repository asset discovery.

Permissions

You can access Snyk AppRisk with one of the Group-level role permissions described below. To access the permissions, navigate to View groups, then select the Snyk AppRisk permissions option.

  • View AppRisk - Grants you read-only access to AppRisk.

  • Edit AppRisk - Grants you edit access to AppRisk, for example, to edit policies, edit asset classification, and add the integration.

A Group Administrator has the Edit AppRisk permission assigned by default, and a Group Viewer has the View AppRisk permission assigned by default.

Login and Authentication

Log in and authenticate to Snyk using existing mechanisms (SSO, Google SAML, and so on).

Accessing Snyk AppRisk

Ensure you are at the Group level to access the Snyk AppRisk options. At the Group level, you have centralized security management that enhances security and simplifies security procedures for projects.

The Snyk AppRisk features are available at the Group level from the Snyk Web UI.

Key Concepts

Some of the key concepts for Snyk AppRisk are asset, class, coverage, and policy. Navigate to the Snyk - Essentials Key concepts section for more details.

Scanning methods

You can initiate a scan from the Web UI, the CLI, the API, or with PR Checks. See Scanning methods and Start scanning for more details.

Capabilities and features

Availability

  • Snyk Essentials: Included with all Enterprise plans.

  • Snyk AppRisk: Available for sale; reach out to your account manager for more information.

Applicability

  • Snyk Essentials: Helps Snyk customers better manage their developer-first application security program with Snyk.

  • Snyk AppRisk: Helps Snyk customers prioritize with Insights risk factors from runtime data sources, and manage and scale their developer-first application security program more holistically.

Integrations and Data Sources

  • Snyk Essentials:

      • SCM

      • Application Context - Developer Portals, Service Catalogs, CMDBs

      • Jira integration

  • Snyk AppRisk (in addition to Essentials):

      • 3rd party secrets

      • 3rd party Runtime, observability, cloud, CNAPP

      • Snyk Runtime Sensor

Discovery and visibility

  • Snyk Essentials:

      • Discover and classify code-based assets and runtime-based assets (repositories, packages, images).

      • Issue counts identified by Snyk

  • Snyk AppRisk:

      • Discover and classify code and runtime-based assets (repositories, packages, images).

      • Issue counts identified by Snyk and view issue counts identified by third-party tools.

Security coverage management

  • Snyk Essentials: Ensure these assets are covered by Snyk.

  • Snyk AppRisk: Ensure these assets are covered by Snyk or other third-party tools.

Issue prioritization

  • Snyk Essentials: Prioritize with asset and application context, and automate risk management workflows for assets using policies.

  • Snyk AppRisk: Manage risk holistically by:

      • Prioritizing issues posing greatest risk with runtime Insights.

      • Tracking and reporting upon program health with risk and coverage metrics via Application Analytics.
