Getting started¶
Snyk is available to all teams who code in Equinor. First, apply for Snyk in AccessIT, then ask @appsecteam in Slack channel #appsec to create a Snyk organization for your team if it does not already have one.
When you have been granted an organization, make sure to log on to snyk sso and use your Equinor email address.
After your first time sign in, you will be able to list organizations available at the Equinor Group overview (top level). If you see a relevant org to join, request one of the listed org admins to add you to the org.
Creating projects¶
Snyk has many different kinds of integrations, we recommend starting with adding your github repositories. Doing that will create
one snyk project for each source file it understands, e.g. requirements.txt
or package-lock.json
. More about github integration
can be found here
Project attributes¶
To be able to do searching, filtering and aggregation of Snyk data, it is highly recommended that you set some attributes on all
projects. Especially the Lifecycle stage
should be set to an appropriate value, and then Business criticality
and Environment
fields can be set as needed. For more flexible tagging the Tags
field can be used but it is recommended to be used with care as
free-form tags can be difficult to maintain.
Privacy¶
Concerns about which data snyk collects are addressed on Snyk's privacy policy page