Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

In an ecosystem with an increasing number of dependencies, maintainers and supply chain attacks, discover an open source tool designed to analyze in depth the dependencies of a given remote package or local manifest. Not knowing what’s in the node_modules directory is a bad dream from the past. Dive in with me to find out the secrets that your dependencies hide from you. Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

Identity Governance & Security: Protect identities across all of your infrastructure with Teleport Eliminate weak access patterns through access monitoring, minimize attack surface with access requests and purge unused permissions via mandatory access reviews.

Repetitive tasks are the antithesis of speed. The only way to deliver software rapidly, securely and with quality is to automate software packages across the software supply chain to drive enhanced testing, improve decision-making, eliminate bottlenecks and holistically manage your software resources. Join Yossi Shaul, SVP of R&D, JFrog, and Gali Zisman, VP of Product, JFrog, to explore JFrog’s new release-first approach, including exclusive swampUP announcements, first-time demonstrations & key product advancements!

Developers are now the target of the attacker, with binaries available publicly. While it's unlikely that the concept of security point solutions will completely disappear, it’s clear that the market is demanding a consolidated, comprehensive approach to pipeline security across the attack surface. With the increasing complexity of software supply chains, security and governance are becoming critical on developer’s machines, at the C-level and in boardrooms. In this session, Eyal Dyment, VP of Security Product for JFrog, details how next-gen software supply chain solutions must incorporate robust, holistic security or risk being the next tool to be consolidated.

How do you build a successful AppSec program? Today, we’re focusing on an area where we have great evidence for a specific best practice – Repository Integration. Choosing where to deploy SCA scans can have a major impact on the success of your AppSec program. You can boost the value of Mend SCA by scanning in your repositories, and we want to show you how!

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks. With a proven track record of successfully meeting complex and large-scale application security needs, Mend.io is the go-to technology for the world’s most demanding development and security teams. The company has more than 1,000 customers, including 25 percent of the Fortune 100, and manages Renovate, the open source automated dependency update project.

In this demo, see how you can use the 1Password Connect Terraform Provider to access and manage items in your 1Password vaults.