We’re pleased to announce our new extension for Visual Studio, making it easier for developers to stay both secure and compliant as they code within their favorite IDE. The extension supports Visual Studio 2015, 2017, and 2019. Snyk’s new free extension for Visual Studio enables developers to easily find and fix both known vulnerabilities and license issues in their open source dependencies, helping them address security early on and ship secure code faster.

DockerCon 2021 brought containerization experts together to discuss all things Docker, from building containerized applications and running container images to improving container security. In this post, we’ll recap a live panel discussing how container security fits into the new cloud native era, how Red Ventures scaled container security scanning with Snyk, and ways to make vulnerability remediation easier.

Empowering developers to build securely has always been Snyk’s mission. We enable you to find and fix security vulnerabilities in your code and open source dependencies, as well as enable development teams to easily integrate security testing as part of their automated delivery pipelines. Snyk also provides native integrations with leading CI/CD platforms such as Jenkins, TeamCity, and CircleCI. To this end, we are happy to announce Snyk’s latest integration with AWS CodePipeline.

Earlier this year, we announced the beta support for Python in Snyk Code. This beta period gave us the chance to let customers have access to our extensive collection of Python rules while we finished our knowledge base review and added curated content. We are happy to announce that this work has concluded, and Python is now a fully supported language. 🐍 🎉

In previous posts we explored the potential for intent-based Android security vulnerabilities and then used Snyk Code to find exploits in popular apps on the Google Play store. If you know Snyk, you also know there’s no way we can just point out vulnerabilities and not recommend fixes. Analyzing such an extensive dataset enabled us to review a lot of code.

We have more than a few reasons to be thrilled with the results of the 2021 Gartner Magic Quadrant for Application Security Testing. In our debut on the report, Snyk has been recognized as a Visionary. Additionally, we are placed furthest in the Visionaries quadrant for both Completeness of Vision and Ability to Execute, and second-furthest for Completeness of Vision in the overall Magic Quadrant.

We are honored to share that Snyk has been named to the ninth annual CNBC Disruptor 50 List, coming in at #15! The full list, unveiled earlier this week, identifies 50 private companies “aligned with today’s rapid pace of technological change and poised to emerge from the pandemic as the next generation of business leaders.” The pandemic accelerated digital transformation and associated cybersecurity concerns.

In our previous blog, we explored the nature of intent-based Android security vulnerabilities. Now we’re going to dive into how we performed our security analysis on apps in the Google Play Store with Snyk Code.

We have been witnessing an ever growing amount of supply chain security incidents in the wild. Everything from open source package managers security flaws being exploited to continuous integration systems being compromised to software artifacts being backdoored. And now, those incidents are starting to extend to the place where developers spend most of their time: their integrated development environment, and specifically the Visual Studio Code IDE.