Escape and Snyk officially partner to make GraphQL Security accessible to all developers!

Maxence Lecanu

3 min read
Escape and Snyk officially partner to make GraphQL Security accessible to all developers!
Escape x Snyk - GraphQL Security

Snyk and Escape provide developers with the ability to secure their GraphQL applications during the development lifecycle through an industry-leading end-to-end AppSec approach that includes SAST, DAST, and Cloud Security.

SAST and DAST for GraphQL Applications

Integrating Escape with Snyk means that a dynamic application security testing tool (DAST) and a static application security testing (SAST) tool have to discuss with each other.

đź’ˇ
Want to learn more about the advantages of combining SAST and DAST? Check out the following article.

What is Snyk Code?

A SAST is an application security tool that performs statical analysis of the code being secured, in order to find flaws in it from the source. Snyk code provides a SAST tool.

Code Security & Code Quality Scanning | Snyk Code
Learn more about Snyk Code that uses AI for code security testing and provides actionable suggestions right when the code is written.
SnykSnyk

What is Escape?

A DAST sits on the opposite side of the spectrum, as it scans life (dynamic) applications, in order to find flaws in them from the executable output. Escape provides a DAST tool for GraphQL applications.

Escape - GraphQL Security
Scan your GraphQL endpoints to find and fix their security flaws before production.
Scan your GraphQL endpoints to find and fix their security flaws before production.

Visit our website to learn more about our GraphQL security testing tool!

Using Escape with Snyk

Binding an Escape organization with Snyk

Escape's integration page henceforth features a dedicated block for Snyk. This is where you can bind your application in Escape with a Snyk project.

After clicking on the manage button on the Snyk integration item, you will be prompted for an organization ID and an API token.

You may retrieve both identifiers from Snyk's application directly. The organization ID is on the organization settings page, while the API token will be found on your account settings page.

⚠️
If the organization ID is bound to an organization, the API token is bound to your user in Snyk ! We will use it to request Snyk's API in your name.

Binding an Escape application with Snyk

Once the integration is configured, you can use it on any application in Escape, which belongs to the integrated organization. To do so go into the advanced settings tab on the application, select the Snyk SAST project to connect with the application, then click on "Save".

đź‘‹
Until now, Escape only leverages SAST projects from Snyk Code. Make sure your Snyk organization owns one before continuing!

Improved alerting reports

Starting from now, every alert sent from Escape's scans of this application will be compared with code issues in Snyk Code. If we find a match, it will be indicated in the alert display of the scan results!

Binding Escape's alerts with Snyk's code issues allow us to provide you with many additional information:

  • We show the potential source code related to the alert we reported
  • We provide quick access to the repository for this file
  • We give feedbacks on the severity Snyk gave to this alert
  • The Snyk code issue also provides remediations snippets on the Snyk app.

Try it yourself!

To start linking Snyk and Escape together and making your GraphQL applications more secure, simply register to the Escape GraphQL Security Platform and enjoy the free trial!

Food for thoughts

đź’ˇ Wanna learn about GraphQL testing? Read our blog article "How to test your GraphQL API?".