Snyk integration

The integration with Snyk Code enables customers to better understand the technology risk across their system landscape.

By enriching the service catalog with vulnerability information (such as severity, CVE type, and exploit maturity) and license data we support three main use cases:

1. Understand the technology risk profile in its business and technology context. Within a few clicks, customers will be able to identify which microservices are affected by a certain vulnerability, what customer-facing impact that has, and which team owns said service.

2. Comprehensive licensing scope analysis for all technologies used to strengthen software governance policies. Investigate whether unwanted /infringed licenses are used, which domains and products are affected or simply track team adherence to certain governance standards.

3. Identify patterns in technology risk profile and how these impact the value streams. For example, surface which microservices are repeatedly affected by vulnerabilities and require an overhaul, or which teams might need additional training to build reliable services.