About the plugin
The Snyk plugin leverages the Snyk API to enable Snyk data to be visualized directly in Backstage, along with all the other data points development teams might be interested in for their applications. Being able to surface security information directly into the development workflow, along with prioritization and remediation advice, is one of the key tenets of Snyk's developer-first approach to security, and enabling integrations with a wide range of systems is the underlying principle behind the Snyk API.
Unify your developer's security review experience
Application security requires a solution that deeply integrates security feedback into the developer workflow. The Snyk plugin does exactly this, reflecting security insights in the outer loop of software development.
Drive visibility into security status
The Snyk plugin reflects security posture of your services, namely the vulnerabilities and ignored issues for each, such that development teams and engineering leadership can understand security through the lens of their services and teams.
Snyk project association
Leverage Snyk project tags to associate the vulnerabilities we find in your code and container images with your components in Backstage.
The Snyk plugin brings a summary of vulnerabilities, license issues, and ignored issues to your component's list of tabs. View a count of items by issue criticality and view a tabulated breakdown for digging into the details.