Snyk adds detection capabilities for Azure Repos

May 10 2019

Open source security platform provider, Snyk, announced new capabilities for developers to monitor the security of Azure Repos projects and spot open source vulnerabilities.

Snyk's system scans Azure Repos, including all of the different software languages supported for Snyk Git integrations as well as Azure DevOps. When a vulnerability is detected, it is listed with enriched content to guide developers on how to triage the issue. This may include contextual information about the vulnerable component.  

In addition, the system calculates transitive and direct dependencies and can automatically go through a pull request for the necessary patches and upgrades. Snyk aims to prevent developer pull requests from causing new open source issues and every pull request is scanned within Azure Repos and then merged. However, if a merge fails, developers have the option of setting policies to reconfigure.

Ariel Ornstein, a member of the Snyk team stated:

About MSDW Editorial Team

More about MSDW Editorial Team