Skip to:

Snyk for Bitbucket Server

by Snyk.io
for
Discover more

Free app

Purchase

OVERALL RATINGS

SUPPORT

  • Partner Supported

Key highlights of the appCode, build and ship securely with Snyk’s integration for Bitbucket Server

More details

Snyk enables developers to find and fix security vulnerabilities and license issues in their open source dependencies and container images across the Bitbucket Server development workflow.

Powered by its comprehensive vulnerabilities database, Snyk provides detailed information on each issue in a detailed Code Insights report, all within Bitbucket Server.

Find - identify vulnerabilities with daily scanning of your repositories as well as for new pull requests.

Fix - remediate vulnerabilities using automated pull requests containing fixes, required upgrades or patches.

Prevent - use a Snyk Pipe to automate scanning as part of your Bitbucket Cloud pipelines to prevent vulnerabilities from slipping into your builds.

Monitor - stay secure with continuous security scanning for deployed projects. Use native integrations for JIRA and Slack to stay on top of new vulnerabilities.

This integration supports Bitbucket Data Center / Server versions 4.0 and above.

Resources

  • App documentation

    Comprehensive set of documentation from the partner on how this app works

  • EULA

    Get the End User License Agreement for this app

Privacy and Security

Privacy policy

Atlassian's privacy policy is not applicable to the use of this app. Please refer to the privacy policy provided by this app's partner.

Partner privacy policy

Security program

This app is not part of the Marketplace Bug Bounty program.

Version information

Version 1.0.2for Bitbucket Data Center 6.0.0 - 8.19.13, Jira Data Center 9.1.0 - 9.1.1

Release date
Nov 5th 2019
Summary
Scan Bitbucket Server repositories early to find and fix vulnerabilities.
Details

Project level security reports: Snyk produces advanced security reports, allowing you to explore the vulnerabilities found in your repositories, and fix them immediately by opening a fix pull request directly to your repository, with the required upgrades or patches.

Projects monitoring and automatic fix pull requests: Snyk frequently scans your projects on either a daily or a weekly basis. When new vulnerabilities are found, notifications are sent both by email and by opening an automated pull requests with fixes to repositories.

Pull request tests: Snyk tests any newly created pull request in your repositories for security vulnerabilities, and sends a build check to Bitbucket DC/Server. You can to see whether the pull request introduces new security issues, directly from Bitbucket DC/Server.

Required permissions scope for the Bitbucket DC/Server integration: Snyk performs all the operations in Bitbucket DC/Server on behalf of the integrated service account.

Payment model
Free

Learn and explore

  • What’s Marketplace
  • App installation
  • About Atlassian
  • Atlassian resources
  • Search and ranking
  • Atlassian events
  • Atlassian foundation

Follow