Overview
Syllabus
Introductions
Agenda
Useful Resources and Community
Poll
Big Picture - rolling out Snyk in your pipeline - First 30 days
Initial settings - Enable Snyk Code, Set License, Security, and IaC policies
Connecting to a code repository, suggestions for GitHub customers, Integration and settings, and the PR check
Adding projects from a Git code repository
Importing at Scale - Import API
Pull request checks
Mark as successful in SCM
Pull Request Check settings - Day 1 vs Steady State
IDE - Installing and Authorizing
Personal Account Token for CLI, API, IDE
IDE - testing your code
CLI - Installing and Authorizing locally and build system
CLI - Open Source - Testing, Monitoring Open Source, Generating Artifacts
CLI - Generating Build Artifacts - SBOM, snyk-to-html
CLI - Snyk Code Test, test artifacts, output formats SARIF, JSON, snyk-to-html
CLI - IaC - test your IaC files
CLI - IaC - Kubernetes
CLI - IaC - Reporting issues in IaC with --report
CLI - IaC - Terraform, plan files
CLI - Containers - Test and Monitor
CLI - Containers - Filtering/Focusing results
Reviewing issues at the project level and enterprise reports
Reporting - Export CSV, API
Jira - Choosing the Snyk legacy integration and the new Jira integration
Jira - Enabling the new Jira Integration
Jira - Creating Tickets, Automation from results
Jira - Refresh - high level steps for integration and a helpful video
Q&A - API/export - Does Snyk export contain description and examples, as well as fixes?
Q&A - CLI - Integrating with a CI/CD that has no integration, i.e. Bamboo, discussion on Snyk Labs examples
Q&A - Snyk Service Account Token - using the service account token
Q&A - Reporting - Reset or remove reporting history
Q&A - Ignores and CI/CD - Recommended actions for CI/CD
Thank you!
Taught by
Snyk