Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

January 2021

Snyk and Rapid7 strengthen partnership to provide a holistic risk assessment solution for container applications

Modern organizations are working hard to differentiate their products and services by creating innovative solutions that their customers can leverage at home and on-the-go, forcing them to consider new, more agile approaches to application development that empower their development teams to accelerate time-to-market, and launch new solutions as quickly as possible.

Identify, prioritize, and fix vulnerabilities with Reachable Vulnerabilities for GitHub

Imagine you are a Java programmer and that you just decided you want to use Snyk Open Source scanning to help you find security problems in your third party libraries. Good call! However, after connecting your repository to the Snyk Open Source scanner, you find out that you have ten or maybe even 50 vulnerabilities in the packages you depend on. The major question is: where do I start?

Guide to Software Composition Analysis (SCA)

2020 was a watershed year for open source. Digital transformation, already gaining momentum before COVID19 hit, suddenly accelerated. More and more companies became software companies, and with this shift—usage of open source peaked. Why? Simply put, open source enables development teams to deliver value more rapidly and more frequently, thus enabling their companies to better compete in their respective markets.

Goodbye, 2020! Lookout, 2021

Like most people, I am not at all sad to see 2020 go. It introduced unique pressures that challenged all of us in different ways. As snykers, I believe we have emerged stronger. Throughout the year, our global team—alongside our partners and customers—reached so many impressive milestones, made that much sweeter due to the headwinds we all faced in achieving them. Ending the fiscal year, Snyk: Yes—two acquisitions.

Docker for Node.js developers: 5 things you need to know not to fail your security

Docker is totalling up to over 50 billion downloads of container images. With millions of applications available on Docker Hub, container-based applications are popular and make an easy way to consume and publish applications. That being said, the naive way of building your own Docker Node.js web applications may come with many security risks. So, how do we make security an essential part of Docker for Node.js developers?

Vulnerability Assessment Using Datadog and Snyk

Vulnerability assessment for teams can often be overwhelming. This joint Datadog and Snyk session demonstrates the new integration between the two companies, which enables developers to precisely identify and prioritize code-level security fixes in production applications. Using a sample Java application, you'll see how Snyk surfaces vulnerability information at runtime inside the Datadog UI to help users triage fixes by not just seeing that a vulnerability exists but also how often they are exposed.

Securing Cloud Native Applications at Scale.

Cloud-native architecture is improving time to capability at reduced cost for the enterprise.However, as your organisation transfers workloads to container, Kubernetes and serverless environments, a unified development and deployment approach requires increased involvement of the cybersecurity team.Join Mathias Conradt, Senior Solutions Engineer at Snyk, to learn how DevSecOps is being used to secure cloud-native applications.

Modern Application Development Security

"Shift left" has become the holy grail for security teams today but organizations are still struggling to successfully implement some of the key processes that shifting security left entails. A new study sponsored by Snyk and conducted by Enterprise Strategy Group (ESG) has found that while developers are indeed being given more responsibility for testing their applications for security issues, they simply don't have the knowledge or right set of tools to do so.