diff --git a/.snyk b/.snyk
new file mode 100644
index 000000000..d4a365d19
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,13 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  'npm:lodash:20180130':
+    - standard > standard-format > esformatter-jsx > babel-core > babel-plugin-proto-to-assign > lodash:
+        patched: '2018-08-17T01:47:05.851Z'
+  'npm:mime:20170907':
+    - codeclimate-test-reporter > request > mime:
+        patched: '2018-08-17T01:47:05.851Z'
+    - codeclimate-test-reporter > request > form-data > mime:
+        patched: '2018-08-17T01:47:05.851Z'
diff --git a/package.json b/package.json
index dcbcbdd0a..190be4a67 100644
--- a/package.json
+++ b/package.json
@@ -52,7 +52,9 @@
     "test": "standard && mocha --no-timeouts --reporter spec --fgrep 'Request Validation' --invert",
     "travis": "standard && mocha --no-timeouts --reporter spec",
     "coverage": "istanbul cover ./node_modules/mocha/bin/_mocha -- --fgrep 'Request Validation' --invert",
-    "codeclimate": "codeclimate < coverage/lcov.info"
+    "codeclimate": "codeclimate < coverage/lcov.info",
+    "snyk-protect": "snyk protect",
+    "prepare": "npm run snyk-protect"
   },
   "standard": {
     "ignore": [
@@ -60,12 +62,12 @@
     ]
   },
   "devDependencies": {
-    "codeclimate-test-reporter": "0.0.4",
+    "codeclimate-test-reporter": "0.3.2",
     "glob": "^5.0.3",
-    "istanbul": "^0.3.13",
-    "mocha": "^2.2.1",
+    "istanbul": "^0.4.5",
+    "mocha": "^4.0.0",
     "should": "^5.2.0",
-    "standard": "^3.3.0"
+    "standard": "^6.0.0"
   },
   "dependencies": {
     "async": "^0.9.0",
@@ -76,6 +78,8 @@
     "folderify": "^0.6.0",
     "form-data": "^0.2.0",
     "har-validator-fsless": "^1.6.2",
-    "postman-collection": "3.0.2"
-  }
+    "postman-collection": "3.0.2",
+    "snyk": "^1.91.0"
+  },
+  "snyk": true
 }