Table of contents
Topics on this page

What is Open Source Security by Snyk?

Trend Micro Cloud One™ - Open Source Security by Snyk provides detection and management of open source vulnerabilities in source code repositories and build pipelines.

Most software applications make heavy use of open source components. These components are created by third parties and may contain software security flaws that can affect the security of your applications. When vulnerabilities are detected in open source components, it is important to update your software to use the fixed open source components. Open Source Security by Snyk automatically detects these vulnerable components and provides tracking and guidance on how to update your software.

How it works

  1. Connect Cloud One – Open Source Security by Snyk to your source code repository (GitHub, GitLab, etc.) or your build pipeline (Jenkins, TeamCity, Circle CI, etc.) For instructions, see Getting started
  2. Open Source Security by Snyk will scan your source code dependencies and provide a prioritized assessment of your open source risk.
  3. Provide actionable remediation advice to your developers and monitor improvement over time.
  4. Respond to new vulnerabilities quickly with immediate insight into how many projects are affected by a new vulnerability and visibility into the remediation progress.