The first task was software composition analysis(SCA). Since unmanaged C++ code limits your options, and the client wanted to operationalize as quickly as possible, we decided to deploy Snyk. For the Golang and Typescript code the standard GitHub integrations were set up. For the C++ code, it must be scanned with the Snyk CLI tool so I developed a module for the build pipeline in bash to find all the dependencies in the cmake file, download them, scan them with Snyk and send them to the dashboard.