This task allows you to easily run Snyk scans within your Azure Pipeline jobs. You will need to first create a Snyk account. There are two major options:
- Snyk scan for application dependencies. This will look at manifest files.
- Snyk scan for container images. This will look at Docker images.
In addition to running a Snyk security scan, you also have the option to monitor your application / container, in which case the dependency tree or container image metadata will be posted to your Snyk account for ongoing monitoring.
Please refer to https://snyk.io/docs/ for documentation on using Snyk.
For support issues, please visit our support portal or contact [email protected].