DevOps

Snyk Code scanning added to the Snyk Visual Studio extension

Snyk Code provides a new generation of static application security testing (SAST). Its process combines machine learning, which rapidly grows its knowledge base, with a Snyk security engineer who assures the quality of the rules. As a result, the Snyk Code knowledge base grows exponentially and delivers industry-leading accuracy. On top of that, Snyk Code provides real-time scanning so developers can use it right from their favorite IDE.

The Big Fix 2022 - Getting Started Guide

The Big Fix brings together developers, DevOps, and security practitioners of all skill levels to help make the internet more secure. Our goal is to make security 100x better in 2022 by finding and fixing 202,200 security vulnerabilities! Join us to help find (and fix!) security vulnerabilities while making friends and winning swag. In this short video we'll help you get started finding (and fixing!) security vulnerabilities in your applications -- it's easy!

Running Kubernetes on AWS Fargate

For the last decade, AWS has dominated the cloud computing space with a plethora of cloud services. One of AWS’ great innovations was AWS Fargate, their first containers as a service (CaaS) offering. Prior to the introduction of Fargate, those building in the cloud were forced to choose between IaaS paradigm-focused containers or FaaS-focused serverless functions.

SSH Hardening Tips to Prevent Brute-Force Attacks

SSH servers are a common target for brute-force attacks. This is even more true if your infrastructure sits behind an SSH bastion because attackers have no choice but to compromise the bastion host either by exploitation or denial of service. In this article, we will list a few controls which will help you harden your SSH servers against brute-force attacks.

Styra 2021 Year in Review

It’s been a whirlwind year for Styra — from going fully remote as a company to raising $40 million in Series B Funding to more than doubling our workforce. We have a lot to be thankful for as a company, and before we say “goodbye” to 2021 and “hello” to 2022, I wanted to take a moment to recap some of my favorite moments and initiatives of this past year.

SSH Bastion Host Best Practices

SSH bastion hosts are an indispensable security enforcement stack for secure infrastructure access. Every security compliance standard that deals with remote infrastructure access (e.g., FedRAMP AC-17 - Remote Access, HIPAA §164.312(a)(1) - Access control, SOC2 CC6.1 - Manage Points of Access) mandates preventing direct network access to the servers and APIs.