Snyk SCA (Software Composition Analysis) and continuous monitoring


Does Snyk support doing SCA + continuous monitoring of the findings when configuring an SCM integration?

How would it work and what are the different steps to configure to get regular scans as we would in a CICD pipeline?


Solution

  • Yes, absolutely.

    While a CI/CD pipeline only runs the code scan or SCA when it is triggered, Snyk's SCM integration scans at every Pull Request (or Merge Request).

    And if there is no new PR for more than 24 hours (or 7 days, depending on your default configuration), it rescans the entire project even though nothing triggered it.