Kubernetes is a valuable resource and a leading container management system in development pipelines across the world, but it’s not exempt from malicious attacks. Using Kubernetes requires a deep understanding of Kubernetes’ environment—including the different vulnerabilities you can be exposed to while creating, deploying, or running applications in your clusters.
The most beautiful and inspiring aspect about open source code is, well, that it’s open source. We can look at open source packages like gifts that are exchanged between developers across the engineering world, allowing them to learn from the work other people do, contribute their own expertise, and grow their professional capabilities. Contributing to open source is much appreciated, and it is important to remember not only to benefit from these projects, but also to contribute back.
By its general purpose nature, Open Policy Agent (OPA) allows for a unified way of dealing with policy across a wide range of use cases. One particularly interesting use case for OPA, and one which will be the focus of this series of blogs, is that of application authorization (or entitlements, or simply, authorization).
We’re excited to announce that Snyk and TopCoat are joining forces. TopCoat and its founders — Seth and Josh Rosen — are well established and respected in the data analytics space. They’ve built a powerful data analytics platform that simplifies building data applications through an integration with dbt, allowing data analysts and engineers to quickly create highly customized data reporting and visualizations.
Software supply chain attacks are on the rise – the attacks increased by more than 600% between 2020 and 2021. On RubyGems, the official package repository for the Ruby programming language, attackers usually take advantage of the implicit trust developers have on the gems deployed on the platform and infect them with malicious code.
As the partnership between Snyk and Atlassian continues to grow, we decided to put together a best practices cheat sheet to help you make the most of our integration with Bitbucket. This will help you use Bitbucket more securely to manage and store your code, as well as continuously monitor your code and dependencies for potential vulnerabilities using Snyk. Here are the seven best practices we’ll discuss in this post: Download the cheat sheet
In the last few years, Kubernetes has grown exponentially in popularity. Its wide adoption can be attributed to its open source nature, flexibility, and ability to run anywhere. Developers also love the fact that you can manage everything in Kubernetes using code. kubectl is the Kubernetes-specific command line tool that lets you communicate and control Kubernetes clusters. Whether you’re creating, managing, or deleting resources on your Kubernetes platform, kubectl is an essential tool.
