Hello wonderful Compass beta users,
Shu from Compass here! Compass has started work on our second security app, Snyk! We’d love to hear from you on how you use Snyk day-to-day for security operations, and what your ideal Snyk integration for Compass might look like.
Our current exploration revolves around you adding a link to your Snyk project(s). From there, the app can pull in things such as open vulnerabilities and licenses.
The team’s designed three concepts below. Please let us know if you’d find any of the concepts below helpful in your Snyk app.
If you’d like to see other security tools for Compass, let us know which ones and what you’d like to see from them!
Please let @Josh Campbell or I know if you'd like to chat about Snyk, other security apps (or apps in general), templates or automation.
This looks good. The only part I'm unsure about is adding the events to the timeline. Quite often we get dependency issues in Snyk where there is no known resolution for a while. I'd be concerned about adding "noise" to the events timeline without a way of hiding the Synk ones. I think I'd like a toggle to opt-in on that one, after which the selection persists.
Hey @Shubhank Sahay ,
I think I'd want to filter all of them (or toggle all the levels). I'm not sure about license violations. Currently I'm not sure it's very useful to our workflow, but you could implement that and it might become useful!
I guess the activity timeline is about telling stories and identifying patterns. "x happened at this time, which was followed by y and a failure of z". I think anything added to this timeline needs to be able to be justified in helping to tell these stories around identifying a timeline of failure.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hey Garyl, hope all is well! This is some mocks Shu put together for Snyk to help get some validation on ideas we have. We want to make sure we're delivering features yall want so any feedback on what you like or don't goes a very long way! We haven't actually begun development on it just yet but will absolutely keep you in mind for early access.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Looks promising. Is there a way this app can be added to our organization so that we can test and play around?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hey Florian we've got an early access version available for testing if you are interested. Just hit the "Give feedback" button in the upper right in Compass and ask if you can have the Snyk app enabled, when I see that come through I can enable it for your site. We expect the full release for all customers by end of October.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hey @Garyl Paras I wanted to follow up and make a little correction on my end. We're looking to have an update for you on Snyk next week!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hey @Garyl Paras look out for something next week! :)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hey @David Harper ! Thank you so much for your feedback. Totally hear you on the 'noise' concern. I'd love to learn more. It sounds like you'd like 'filters' for the activity feed.
If we did support a filter, would you be interested in filtering all vulnerabilities, or just the ability to see critical (and maybe high severity) ones? Are you also interested in license violations from dependencies or do you also consider that noise?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Shubhank Sahay I could not find an update on Synk - has there been any updates?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Garyl Paras Not yet to my knowledge. @Josh Campbell Would love to see if you have thoughts and can help out here!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.