-
Type:
Task
-
Resolution: Done
-
Priority:
L3 - Default
-
Affects Version/s: None
-
Component/s: backend
-
1
-
S
We have the possibility to integrate Snyk into Optimize, as per: https://confluence.camunda.com/display/HAN/Vulnerability+Scanning+with+Snyk
We should first spike this task for 1-2 hours to evaluate the benefit of what Snyk will bring us, as well as the cost of integration
The most likely benefit is security updates that we might not already with Dependabot
Justification:
Determine whether or not we can reduce security threats with vulnerability scanning. This could identify otherwise blind spots