Explore practical ways to use the Snyk CLI for static code analysis in this technical office hour session. Learn how to install the CLI, test repository code using the Snyk code test command, review and filter Snyk Code CLI results, and explore scenarios for outputting, exporting, and displaying results. Gain insights into incorporating Snyk Code CLI into your CI/CD pipeline for scanning source code for security vulnerabilities. Discover topics such as authentication, monitoring repositories, static and dynamic analysis, ignoring paths and files, sorting and filtering by severity, JSON output formats, and advanced SBOM standards. Engage with experts and get answers to your Snyk-related questions throughout this informative session.
Overview
Syllabus
- Stream Start
- Intros
- Introduction to Snyk CLI - Start
- Installing the Snyk CLI
- Authentication and Monitoring a Repository
- Snyk CLI High-Level Overview
- Running a Snyk Code Scan
- Static & Dynamic Analysis
- Ignoring Paths & Files
- What is a WAF?
- Sorting & Filtering by Severity
- JSON Output & Other Formats
- Advanced SBOM Standards
- Summary
- Stream End
Taught by
Snyk
