Snyk for Slack
Developer loved, Security trusted.Snyk helps you find and automatically fix vulnerabilities in your code, open source dependencies, containers, and infrastructure as code — all powered by Snyk’s industry-leading security intelligence.Snyk’s App for Slack surfaces vulnerability insights found across your software projects and presents actionable context within relevant Slack channels. Your teams get the notifications that matter the most, and can act on them immediately, without ever leaving Slack.New to Snyk? Get a special 45-day Snyk trial, including unlimited tests and extra features. Or, jump right in and get started with a free account today and scale up if needed!For the software developer, this app will allow them to:
● Enhance collaboration throughout the team, discussing and applying suggested fixes to vulnerabilities in software projects
● Maintain awareness of relevant software vulnerabilities
● Quickly discuss and resolve vulnerabilities while minimizing context switching
● Boost productivity and minimize disruptionsFor AppSec, this app will allow them to:
● Integrate SCA (Software Composition Analysis), SAST (Static Application Security Testing), Container, and IaC security tools and workflows with Slack for the development teams
● Identify relevant alerting thresholds, so that developer teams get timely and relevant information, and aren’t inundated with noise.FeaturesSimple setup flow
● A simple onboarding flow gets you set up and running in as few steps as possibleFlexible filtering and routing options
● Configure your Snyk projects to route issues to designated Slack channels
● Specify severity thresholds within Snyk so the most critical issues get your attention
● Enhance collaboration throughout the team, discussing and applying suggested fixes to vulnerabilities in software projects
● Maintain awareness of relevant software vulnerabilities
● Quickly discuss and resolve vulnerabilities while minimizing context switching
● Boost productivity and minimize disruptionsFor AppSec, this app will allow them to:
● Integrate SCA (Software Composition Analysis), SAST (Static Application Security Testing), Container, and IaC security tools and workflows with Slack for the development teams
● Identify relevant alerting thresholds, so that developer teams get timely and relevant information, and aren’t inundated with noise.FeaturesSimple setup flow
● A simple onboarding flow gets you set up and running in as few steps as possibleFlexible filtering and routing options
● Configure your Snyk projects to route issues to designated Slack channels
● Specify severity thresholds within Snyk so the most critical issues get your attention
Permissions
Snyk for Slack will be able to view:
Snyk for Slack will be able to do:
Review the details to better understand this app’s security practices. To learn more about assessing apps for your workspace visit our Help Center.
General
Developer
Snyk Ltd
Company headquarters location
United Kingdom
Terms of service
Privacy & data governance
Data retention policy
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of a dispute in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
Data archiving and removal policy
Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Data storage policy
All information you provide to us is stored on our secure servers or those of our service providers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Platform, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Platform; any transmission is at your own risk. Once we have received your information, we use strict procedures and security features to try to prevent unauthorised access.
App/service has sub-processors
yes
Guidelines for sub-processors
Certifications & compliance
Data deletion request procedure
HIPAA compliant
no
While this app may offer HIPAA compliance, Slack does not have a business associate agreement with any third-party application providers, including those in the Slack Marketplace, so you are responsible for validating the provider's compliance and executing an appropriate agreement before enabling.
Security
Supports Single Sign On (SSO) with the following providers
If the customer's plan includes it, a dedicated SSO connection via SAML, OpenID Connect (OIDC), Azure AD, or ADFS is possible
Supports Security Assertion Markup Language (SAML)
yes
Has a dedicated security team
yes
Contact for security issues
support@snyk.io
Has a vulnerability disclosure program
yes
Vulnerability disclosure program URL
Vulnerability disclosure program covers Slack app
yes
Has a bug bounty program
no
Requires third party authorization/connections
no
Uses token rotation
yes