coreinfrastructure / best-practices-badge

🏆Open Source Security Foundation (OpenSSF) Best Practices Badge (formerly Core Infrastructure Initiative (CII) Best Practices Badge)
https://www.bestpractices.dev
MIT License

Add Snyk to list of dependency monitoring tools #1011

Open david-a-wheeler opened 6 years ago

david-a-wheeler commented 6 years ago

Let's add Snyk to the list of dependency monitoring tools: https://github.com/coreinfrastructure/best-practices-badge/blob/master/doc/other.md#dependency_monitoring

We want people to use these tools, so pointing out options (especially those free for OSS projects) makes sense.

It's not clear what hyperlink to use - I'm currently thinking of https://snyk.io/

david-a-wheeler commented 6 years ago

In the same area, we might also want to add a marking noting "Free for FLOSS projects".

My thanks to Guy from Snyk for suggesting these.

While we're at it, maybe we should also add another marking, "is FLOSS". Again, trying to provide info for users.

david-a-wheeler commented 6 years ago

Also: Should we refer here to the related O'Reilly book "Securing Open Source Libraries"? First chapter is public: https://www.oreilly.com/ideas/what-defines-a-known-open-source-vulnerability