diff --git a/tools/eslint/.snyk b/tools/eslint/.snyk
new file mode 100644
index 00000000000000..beee691943f9b9
--- /dev/null
+++ b/tools/eslint/.snyk
@@ -0,0 +1,12 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.13.5
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+  SNYK-JS-LODASH-450202:
+    - lodash:
+        patched: '2019-07-04T06:30:27.419Z'
+    - inquirer > lodash:
+        patched: '2019-07-04T06:30:27.419Z'
+    - table > lodash:
+        patched: '2019-07-04T06:30:27.419Z'
diff --git a/tools/eslint/package.json b/tools/eslint/package.json
index dec10304f74af0..2183639745cbd6 100644
--- a/tools/eslint/package.json
+++ b/tools/eslint/package.json
@@ -72,7 +72,8 @@
     "strip-ansi": "^4.0.0",
     "strip-json-comments": "~2.0.1",
     "table": "^4.0.1",
-    "text-table": "~0.2.0"
+    "text-table": "~0.2.0",
+    "snyk": "^1.189.0"
   },
   "deprecated": false,
   "description": "An AST-based pattern checker for JavaScript.",
@@ -155,7 +156,10 @@
     "perf": "node Makefile.js perf",
     "profile": "beefy tests/bench/bench.js --open -- -t brfs -t ./tests/bench/xform-rules.js -r espree",
     "release": "node Makefile.js release",
-    "test": "node Makefile.js test"
+    "test": "node Makefile.js test",
+    "snyk-protect": "snyk protect",
+    "prepublish": "npm run snyk-protect"
   },
-  "version": "4.12.0"
+  "version": "4.12.0",
+  "snyk": true
 }