Data Share Data Dictionary
Last updated
Last updated
More information
Snyk privacy policy© 2024 Snyk Limited | All product and company names and logos are trademarks of their respective owners.
Snyk Data Share is a comprehensive dataset encompassing various data pillars that support a wide range of use cases. You can use this dataset to present key security metrics such as issue backlog, aging, MTTR, SLA compliance, and test coverage, as well as to prioritize issues based on different factors, such as risk score, severity, CVSS, EPSS, and many more.
This dictionary is designed to help you navigate the dataset efficiently, with clear explanations of each table's purpose and the specific data contained in each column, enabling you to leverage the X dataset to meet your data reporting needs.
The diagram above represents the objects listed in the data dictionary as a database diagram. It covers the following tables:
current version: v1.0
The GROUPS table contains the main attributes of Snyk Groups. This data can be utilized for performing aggregations on the Group level or for zooming into the scope of specific Groups.
| Column name | Data type | Description |
|---|---|---|
| varchar | A universally unique identifier for a Group, assigned i the records source database. |
| varchar | The name of this group. |
| varchar | The name of the Group within Snyk. |
| timestamp_ntz | When this record was created in Snyk. |
| timestamp_ntz | When this record was deleted from Snyk. |
| timestamp_ntz | When this record was last modified within Snyk. |
| timestamp_ntz | When the data share data transformation last updated this record. |
current version: v1.0
The ORGS table contains the main attributes of Snyk Organizations. This data can be utilized for performing aggregations on the organization level or for zooming into the scope of specific organizations.
The group_public_id column allows you to query organizations in specific groups.
| Column name | Data type | Description |
|---|---|---|
| varchar | A universally unique identifier for an organization, assigned in the records source database. |
| varchar | A universally unique identifier for a group, assigned in the records source database. |
| varchar | The display name set for this organization. |
| varchar | The name for the Organization within Snyk. |
| timestamp_ntz | When this record was created in Snyk. |
| timestamp_ntz | When this record was deleted from Snyk. |
| timestamp_ntz | When this record was last modified within Snyk. |
| timestamp_ntz | When the data share data transformation last updated this record. |
current version: v1.0
The PROJECTS table contains main attributes of Snyk Projects, as well as the related target. Its data can be utilized for performing aggregations of filters on the project or target levels, including based on project collections, project tags or specific repo branches (using target_ref).
Snyk Reports only presents monitored projects that were not deleted. To match your results with Snyk Reports, filter your query with IS_MONITORED = TRUE and DELETE IS NULL.
| Column name | Data type | Description |
|---|---|---|
| varchar | A universally unique identifier for a project, assigned in the record's source database. |
| varchar | A universally unique identifier for an organisation, assigned in the record's source database. |
| varchar | A universally unique identifier for a group, assigned in the record's source database. |
| varchar | The name given to this project, when added to Snyk. |
| boolean | Whether this project is currently set to be actively monitored. |
| varchar | The scanning method to use for a particular Project, such as Static Application Security Testing (SAST) for scanning using Snyk Code, or Maven for a Maven project using Snyk Open Source. This is part of the configuration for scanning. |
| varchar | A display name Snyk assigned to internal project type values. |
| varchar | The frequency of testing for a given Project. For example, Daily, Weekly, and so on. |
| varchar | The Origin defines the Target ecosystem, such as CLI, GitHub, or Kubernetes. Origins are a property of Targets. |
| varchar | A reference that differentiates this project, for example, a branch name or version. Projects having the same reference can be grouped based on that reference. |
| varchar | The environment in which the Target is executed and run. |
| varchar | A display name for a project's target. |
| boolean | Whether the target's source is private or publicly reachable. |
| varchar | The hosting provider of a given target, for example, docker-hub, github, and so on. |
| varchar | A display value that represents the grouping for target sources, for example, Source Control, Container Registry, and so on. |
| varchar | The URL pointing to a target's upstream source, such as a URL for a GitHub repository. |
| array | A project attribute that indicates business criticality. For example, low, medium, high, critical. |
| array | A project attribute, for example, production, development, sandbox. |
| array | A project attribute, for example, frontend, backend, internal, external, mobile, saas, onprem, hosted, distributed. |
| array | All Project collections to which this project has been added. |
| array | All tags which have been assigned to this project. |
| varchar | The email of the user assigned as the owner of this project. |
| varchar | The username of the user assigned as the owner of this project. |
| timestamp_ntz | When this record was created in Snyk. |
| timestamp_ntz | When this record was deleted from Snyk. |
| timestamp_ntz | When this record was last modified within Snyk. |
| timestamp_ntz | When the data share data transformation last updated this record. |
current version: v1.0
The ISSUES table contains various attributes of Snyk Issues. Issues can be easily correlated with their originating project, target, org or group, utilizing the corresponding ID columns. On top of the issue's basic attributes, such as its introduction date, type, severity, score, etc., there are columns that elaborate on the vulnerability attributes, such as the CVSS score, EPSS Score, NVD Score, etc.
Querying the issues table allows:
Concluding various metrics and KPIs, among issue backlog, aging, MTTR and SLA compliance.
Visualizing trends of identified, ignored, resolved issues over time
Prioritize issues based on multiple factors and considerations
If you would like to match your results with Snyk Reports, filter your query with DELETE IS NULL, as Snyk Reports don't present deleted issues.
computed_fixability indicates whether the issue can be fixed based on the vulnerability remediation paths, for example:
Fixable: There is a fix for all the identified issues, meaning that all detailed paths have remediation.
Partially fixable: The issue has upgradable paths, but not all detailed paths have remediation.
No supported fix: The issue has no upgradable paths.
| Column name | Data type | Description |
|---|---|---|
| varchar | A unique identifier, representing a unique instance of a given vulnerability in a project. |
| varchar | Snyk Vulnerability database ID that uniquely identifies the vulnerability. |
| varchar | A universally unique identifier for a project, assigned in the record's source database. |
| varchar | A universally unique identifier for an organization, assigned in the record's source database. |
| varchar | A universally unique identifier for a group, assigned in the record's source database. |
| varchar | The Snyk Product which initially identified this issue. |
| varchar | Name of the Snyk discovered vulnerability. |
| varchar | URL which directs to the Snyk's Public Vulnerability Database website. |
| varchar | Indicates whether the issue is related to a vulnerability, license, or configuration. |
| varchar | A more granular variation of issue type. |
| varchar | URL which directs to the given's project's instance of this vulnerability on the Snyk Website. |
| varchar | Indicates whether the issue is open, resolved, or ignored. |
| varchar | Indicates the assessed level of risk, as Critical, High, Medium, or Low. |
| float | A score based on an analysis model. Priority score is released in General Availability, while Risk Score is in Early Access. |
| array | Mitre CVE ID(s) |
| array | Mitre CWE ID(s) |
| varchar | Represents the existence and maturity of public exploits validated by Snyk, for example, Mature, Proof of concept. |
| varchar | A Snyk generated classification describing the nature of an issue's introduction in the context of Snyk product usage, for example, Baseline Issue, Non Preventable Issue, Preventable Issue. |
| number | Snyk's recommended Common Vulnerability Scoring System (CVSS) score. |
| varchar | The vector string of the metric values used to determine the CVSS score. |
| varchar | The vulnerability's severity as rated by NVD. |
| number | The vulnerability's score as calculated by NVD. |
| number | The probability of exploitation in the wild in the next 30 days. |
| number | The proportion of all vulnerabilities with the same or lower EPSS score. |
| varchar | Indicates whether the issue can be fixed based on the vulnerability remediation paths. |
| boolean | Is the given vulnerability fixed in a different version of responsible source. |
| variant | The first version in which a given vulnerability was fixed. |
| variant | The vulnerable range of package versions (based on semantic versioning). |
| date | The date a given vulnerability was first published by Snyk. |
| timestamp_ntz | The timestamp of the first scan that identified the issue. |
| timestamp_ntz | The most recent instance of an issue having been introduced (or reintroduced). |
| timestamp_ntz | The most recent instance of an issue having been ignored within Snyk's product. |
| timestamp_ntz | The most recent instance of an issue having been resolved. |
| varchar | Indicates whether the issue is related to functions that are being called by the application and thus has a greater risk of exploitability. |
| varchar | The vulnerability's associated package name and version. |
| timestamp_ntz | When this record was deleted from Snyk. |
| timestamp_ntz | When the data share data transformation last updated this record. |
current version: v1.0
The USAGE_EVENTS table contains CLI interactions data that is collected from Snyk's CLI interfaces (CLI, IDE plugins, CI/CD pipeline tools). The CLI interaction events can be correlated with the execution context, such as their target, org or group, utilizing the corresponding ID columns.
Querying the USAGE_EVENTS table allows to measure:
Developers' usage and adoption of Snyk IDE plugins
Snyk tests in CI/CD pipelines
Snyk CLI utilization per the different commands: test, monitor, SBOM, etc.
| Column name | Data type | Description |
|---|---|---|
| varchar | The client-generated ID of the interaction event in the form of |
| varchar | A universally unique identifier for an organization, assigned in the record's source database. |
| varchar | A universally unique identifier for a group, assigned in the record's source database. |
| varchar | The Snyk product used during this interaction, for example, Snyk Open Source, Snyk IaC, Snyk Code, Snyk Container. |
| varchar | The application used to execute a snyk interaction, for example, PyCharm, Visual Studio, snyk-ls, snyk-cli. |
| varchar | The version of the integration. |
| varchar | The data schema version of Snyk's runtime interactions. The current version (v2) was released in Q2 2024. Prior versions' data may behave differently. |
| varchar | The type of interaction, could be "Scan done". Scan Done indicates that a test was run no matter if the CLI or IDE ran it, other types can be freely chosen types. |
| array | The category vector used to describe the interaction in detail, "oss","test". |
| array | When the interaction was started in UTC. |
| timestamp_ntz | Status would be "success" or "failure", where success means the action was executed, while failure means it didn't run. |
| varchar | The stage of the SDLC where the Interaction occurred, such as "dev"|"cicd"|"prchecks"|"unknown". |
| integer | The interaction's exit code as returned by the running process. More info about the exit codes and their meaning is available in Snyk Docs per a given interaction (test, monitor, etc.) |
| varchar | A purl is a URL composed of seven components. scheme:type/namespace/name@version?qualifiers#subpath The purl specification is available here: |
| varchar | The Environment used during this interaction, for example: CLI, Eclipse, Jetbrains IDE, Visual Studio, Visual Studio Code, or Other |
| varchar | The operating system for the integration (darwin, windows, linux, etc). |
| varchar | The architecture for the integration (AMD64, ARM64, 386, ALPINE). |
| varchar | The environment for the integration (e.g., IntelliJ Ultimate, Pycharm). |
| varchar | The version of the integration environment (e.g. 2023.3) |
| varchar | The name of the integration, could be a plugin or extension. |
| varchar | The version of the integration, for example: 2.3.4. |
| number | The duration in milliseconds of the interaction |
| varchar | The email of the user who was authenticated during the interaction. |
| varchar | The name of the user who was authenticated during the interaction. |
| timestamp_ntz | When this record was deleted from Snyk. |
| timestamp_ntz | When the data share data transformation last updated this record. |
current version: v1.0
The ISSUE_JIRA_ISSUES table allows to correlate between Snyk issues and assigned Jira issues. As Snyk enables more than one type of Jira integration, it's important to emphasize that the Jira issues that are available in the dataset are originated from the Jira integration that is explained in this article.
| Object name | Data type | Description |
|---|---|---|
id | varchar | A unique identifier, representing a unique instance of a given vulnerability in a project. |
| varchar | Snyk Vulnerability Database ID that uniquely identifies the vulnerability. |
| varchar | A universally unique identifier for a project, assigned in the record's source database. |
| varchar | A universally unique identifier for an organization, assigned in the record's source database. |
| varchar | A universally unique identifier for a group, assigned in the record's source database. |
| varchar | The URL of the Jira account provided to the Snyk Jira integration. |
| array | An array of all Jira Issues ever created for this issue. |
| varchar | The most recently created Jira Issue for this issue. |
| tiestamp_ntz | When the data share data transformation last updated this record. |
