Snyk for ServiceNow Application Vulnerability Response gives application security teams a single view for all their open source, code vulnerabilities, and misconfigurations from development to production. Teams can now simplify coordination with development teams and better manage risks and issue prioritization with a single view, as well as create automated processes for workflow tracking, and process exceptions.
Snyk Open Source automatically detects vulnerabilities and automates fixes during development. With 70-90 percent of modern software applications containing open source software, it’s important to understand and track any security risk this introduces.
Snyk Code analyzes source code directly with unparalleled speed and accuracy at 2.8x the speed of legacy SAST solutions. In addition to providing developers visibility into security flaws in their code, Snyk Code provides actionability and dramatically reduces vulnerability backlogs and time to fix by providing fixes in-line with code in their IDE, CLI, and pull request workflows.
Snyk Infrastructure as Code (IaC) helps security teams identify and fix misconfigurations in their cloud and infrastructure deployments. It integrates seamlessly into the development workflow, so security is built into the code, rather than just the infrastructure. Actionable remediation guidance helps security teams guide developers to resolve misconfigurations quickly.
- Deliver Snyk security insights on open source and code vulnerabilities seamlessly into a ServiceNow workflow
- Provide visibility into your development team's application security risk in both platforms
- Enable AppSec managers to create automated workflow processes to minimize risk and guide developer teams to focus on the highest priorities
- Calculate vulnerability risk and determine prioritization using ServiceNow's vulnerability calculators combined with Snyk's industry-leading intelligence
- Synchronize vulnerability exceptions between ServiceNow and Snyk
- Consolidate vulnerabilities and security outcomes, giving security teams visibility into end-to-end workflow management

This change strongly impacts the behavior of your integration in two ways. We have added the ability to auto-close AVITs based on project status in Snyk and based on the Vulnerability Filtering settings.
- Vulnerability Filtering: If you change the scope of the Vulnerability filters for the Snyk integration jobs, the next run of the "Projects and Organizations Integration Job" may change (increase or decrease) the number of projects selected for import and therefore the number of open AVITs. If projects are not found based on filtering, the associated Discovered Applications are marked as "inactive" in ServiceNow. During the next run of the issues import jobs, all associated AVITs for those projects will be closed. The net effect could be a large increase or reduction in the number of AVITs reported. For example, adding a filter of only "critical" issues will automatically close all AVITs that are not considered critical by Snyk. In the reverse case, if the filtering expands the number of projects imported to include projects already imported but marked inactive, the Discovered Application will be reset to "Active" and the associated AVITs reopened, regardless of whether the AVIT was previously closed. The background processing of closing those AVITs may impact system load.
- Project Closure/Deletion: If you deactivate or delete a project in Snyk, the Discovered Application in ServiceNow associated with that project will be set to inactive or closed, depending on the setting from Snyk. During the next run of the issues import jobs, all associated AVITs for those projects will be closed. The net effect could be a large increase or reduction in the number of AVITs reported. If projects are reactivated in Snyk, the associated AVITs will be reopened.
- NOTE: If the AVIT had been previously closed because it was marked as resolved by Snyk, the Issues integration job will need to be reset to an earlier "Start Date" or set to blank to correctly set the status of the AVITs.
Vulnerability Response version: 25.0.4