A Day In The Life of a Security Leader
Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
DevOps
Kerberos v5 Authentication
Kerberos stands as the default authentication protocol facilitating secure service requests between trusted devices within a network. It has been an integral component of Windows Active Directory (AD) environments since the era of Windows 2000. When a user logs into their computer, Kerberos undertakes mutual authentication, ensuring both the user and the server validate their identities.
Transforming Privileged Access A Dialogue on Secretless, Zero Trust Architecture
Join us for an insightful webinar featuring IAM analyst Jack Poller and Teleport CEO Ev Kontsevoy as they delve into the nuances of privilege management and the paradigm shift towards a secretless, zero trust, least privileged architecture for engineers accessing cloud and on-premises compute infrastructure.
Over 100 Malicious Packages Target Popular ML PyPi Libraries
Early on March 28, 2024, the Mend.io research team detected more than 100 malicious packages targeting the most popular machine learning (ML) libraries from the PyPi registry. Among those libraries are Pytorch, Matplotlib, and Selenium.
The State of Software Supply Chain Security in 2024
In today’s fast-paced software development landscape, managing and securing the software supply chain is crucial for delivering reliable and trusted software releases. With that in mind, it’s important to assess whether your organization is set up to handle the continuous expansion of the open-source ecosystem and an ever-growing array of tools to incorporate into your supply chain.
Understanding Supply Chain Risk - Using SCA to protect your application
Understanding our supply chain means understanding all the components that make it. But this is harder than it appears. Open-source components make up 80 - 90% of our application's source code, but we must also remember that our open-source components are also made from open-source components, it's like supply chain inception. SCA or Software Composition Analysis is a security tool that looks at your entire supply chain and outlines vulnerabilities, including transitive or downstream dependencies.
How Effortless Solutions Managed Multi-Tiered Client Needs with BoxyHQ SSO
Effortless Solutions faced a unique challenge: implementing an Enterprise Single Sign-On (SSO) solution for a customer's client in the Netherlands, requiring a SaaS application developed on the Bubble platform to seamlessly integrate with Microsoft EntraID, ensuring minimal disruption and downtime while enhancing productivity and maintaining high-security standards.
A Guide to IaC Security and Scanning
Infrastructure as code (IaC) provides an innovative approach to provisioning and managing cloud infrastructure through code, instead of doing it through manual processes. This foundational shift not only accelerates development cycles but also introduces new dimensions of risk that must be carefully managed. In this article, we'll delve into these challenges and explore strategies to secure IaC environments from potential vulnerabilities and threats.
System Cryptography: A Beginner's Guide
In today’s digitally interconnected world, where data flows freely across networks and devices, ensuring its security is paramount. This is where system cryptography steps in, offering a suite of tools and techniques to safeguard sensitive information from prying eyes and malicious actors. Let’s delve deeper into the realm of system cryptography, exploring its intricacies and significance in modern computing.