Case Study: Xpirit achieves streamlined VSTS dependency scanning and build protection with Snyk

Xpirit - Customer Case Study

Xpirit lead consultant Jesse Houwing faced frequent, fast-changing dependency updates in his TypeScript/Node build tasks and needed a way to detect and act on vulnerable packages both during builds and after shipping. To solve this, he turned to Snyk and built a Visual Studio Team Services (VSTS) Snyk task so vulnerability scanning and Snyk API token management could be integrated into VSTS/TFS workflows.

Houwing developed and released the VSTS Snyk task (with Snyk’s support to resolve platform issues), enabling scans in build pipelines, centralized token handling via Service Endpoints, and a “fail build” option. The task is available from the VSTS Marketplace and GitHub, now protects multiple Xpirit and Microsoft VSTS extensions, and has been adopted by other extension developers—providing continuous detection of high‑priority dependency vulnerabilities through Snyk.

Xpirit

Jesse Houwing

Lead Consultant