Snyk for PCF (Beta)

WARNING: The Snyk for PCF tile is currently in Beta and is intended for evaluation and test purposes only. Do not use this product in a PCF production environment.

This documentation describes Snyk for Pivotal Cloud Foundry (PCF). Snyk for PCF enables developers to find, fix, prevent, and continuously monitor for known vulnerabilities and license issues in their open source dependencies.


Snyk for PCF is a full on-premise installation of the Snyk solution. Installing it conveniently sets up the Snyk solution with minimal configuration and human interaction. Snyk for PCF includes access to the entire suite of Snyk solutions, including Snyk source code management (SCM) integrations with GitHub Enterprise, Bitbucket Server, and GitLab; Snyk CLI; Snyk APIs; Snyk Cloud Foundry integration; Snyk Lambda integration; Snyk Jira integration; and more.

In addition, customers leveraging the Snyk Service Broker to invoke Snyk scans on cf push via the various buildpacks will be able to point the Service Broker to this on-premise installation instead of the default Snyk SaaS service.

Key Features

Snyk for PCF includes the following key features:

  • Scan: Scan for known vulnerabilities and license issues in open source components
  • Fix: Automate remediation with Fix pull requests (via SCM integration) or with snyk wizard (via CLI)
  • Patch: Fixes include upgrades and Snyk’s proprietary precision patches
  • Continuous Monitoring: Get alerted on new vulnerabilities that impact your existing dependencies
  • SCM Integration: Quickly import all your repos from GitHub Enterprise, Bitbucket Server, or GitLab
  • Reporting: Enterprise reporting and dashboards give you the state of your security vulnerabilities and license issues in one place
  • License scanning: Create an open source license policy to make sure your applications stay compliant
  • User Management: SSO, hierarchies, superpowered reports, and quick filters make user management fully flexible
  • Issue Tracking: Manage issue lifecycle with Jira integration or with custom webhooks
  • CLI: Fully functional and completely flexible CLI allows you to embed Snyk in any use case
  • API: Integrate Snyk scans into your CI/CD pipeline with ease. Extract all data to augment your existing dashboards

Product Snapshot

The following table provides version and version-support information about Snyk for PCF.

| Element | Details |
|---|---|
| Tile version | 0.25.0 |
| Release date | February 7, 2019 |
| Software component version | Snyk for PCF 0.25.0 |
| Compatible Ops Manager version(s) | 2.2, 2.3, and 2.4 |
| Compatible Pivotal Application Service version(s) | 2.2, 2.3, and 2.4 |
| BOSH stemcell version | Ubuntu Xenial |
| IaaS support | AWS, Azure, GCP, OpenStack, and vSphere |
| IPsec support? | No |


Snyk for PCF has the following requirements:

  • A paid Snyk Enterprise account. Learn more about Snyk plans.
  • Ubuntu Xenial stemcell v97.x
  • Ability to provision a VM with resource specs of at least: 8 CPUs, 32 GB RAM, 70 GB disk




If you have a feature request, questions, or information about a bug, email the Pivotal Cloud Foundry Feedback list or send an email to Snyk Support.


Customers interested in using Snyk for PCF can download the tile and install it with a trial license. To obtain a trial or production license and 24/7 support, contact a Snyk sales representative.
