Snyk is a security platform that allows team sto find and fix vulnerabilities in their code. You can use Snyk to drive insights into values such as:
In order to connect Cortex to your Snyk instance, you’ll need to create a Snyk API Token, and add it under Settings → Snyk.
Cortex uses the Git repository attached to the service in the Service Descriptor to automatically discover the associated Snyk projects. It does so by getting a list of all Snyk projects across all Snyk organizations, and finding any projects that are associated with the same repository.
If you need to override the automatic discovery, you can define the following block in your Cortex Service Descriptor.
- organizationId: 01234567-e65f-4b7b-a8b1-5b642894ec37
The value for
projectId should be the organizationId and projectId as defined in Snyk.