SQL injection is one of the most dangerous vulnerabilities for online applications. It occurs when a user adds untrusted data to a database query. For instance, when filling in a web form. If SQL injection is possible, smart attackers can create user input to steal valuable data, bypass authentication, or corrupt the records in your database. There are different types of SQL injection attacks, but in general, they all have a similar cause.

When deploying applications in containers, developers are now having to take on responsibilities related to operating system level security concerns. Often, these are unfamiliar topics that, in many cases, had previously been handled by operations and security teams. While this new domain can seem daunting there are various tools and practices that you can incorporate into your workflow to make sure you’re catching and fixing any issues before they get into production.

Backstage began life as an internal project at Spotify and was released as an open-source project in 2020. Its original intention was to be a central location where the company had a registry of all software they had in production but has since evolved into a much more advanced platform, including a plugins system that helps users extend the platform. This plugin system is a significant reason for Backstages success and drove adoption within the company.

Integration with your source code managers and issuing pull requests to fix issues has been part of Snyk’s success in helping our customers fix application dependencies for several years. Now, we want to help you address container security in a similar way. We’re happy to share that we are extending Snyk Container by helping you automatically fix issues in your Dockerfile to keep an up-to-date base image at all times.

Have you shifted left, yet? That’s the big trend, isn’t it? It’s meant to signal a movement of security responsibilities, moving from central IT teams over to developers, but that’s trickier than it sounds. Simply taking tools that are intended for use by security experts and making them run earlier in the supply chain does not provide developers with meaningful information.

The Spring MVC framework is a well-known Java framework to build interactive web applications. It implements the Model-View-Controller architecture pattern to separate the different aspects of your application. Separating the different logic elements like representation logic, input logic, and business logic is generally considered good architectural practice.

Judging by the reactions I saw in the audience during my past talks on “Securing Containers By Breaking In”, as well as recent reactions on Twitter, not many know about Docker Hub’s fairly recent multi-factor authentication feature. In October 2019, in order to improve the Docker Hub authentication mechanism, Docker rolled out a beta release of two-factor authentication (also known as 2FA).

At the beginning of 2021, I noted that Snyk was ready to soar. And soar we have…the rocket ship’s next stop? Asia Pacific and Japan (APJ). I would like to welcome Shaun McLagan, our new Vice President of APJ Sales, and our new partners Temasek, an investment company headquartered in Singapore, and Geodesic Capital, a venture capital firm that specializes in helping technology companies expand into Asia, to the Snyk family.

Today we came a step closer towards our ultimate vision – to empower every one of the world’s 27 million developers to develop fast while staying secure. On behalf of the entire extended Snyk family, every current and former employee, partner and customer, I’m humbled to announce that today marks another important milestone in the Snyk journey: the closing of our Series E funding round.