%term

SnykCon recap: Building a developer-focused AppSec program

Jan 27, 2022 By Mariah Gresham In Snyk

Building an application security program can be overwhelming. The steady stream of content encouraging teams to shift left is inspiring, but it doesn’t help you get started. Looking toward organizations with mature AppSec initiatives can make the gap seem insurmountable — all while an actionable plan remains elusive. Like anything else in software development, application security is a journey. A journey that’s much more enjoyable with some guiding principles.

Read Post

Snyk

Read more about SnykCon recap: Building a developer-focused AppSec program

Vulnerability of the Month: nanoid

Jan 27, 2022 By Snyk In Snyk

Learn about a new prolific vulnerability in an extremely popular package! We will dive in to the defective code as well as the fix!

View Video

Snyk

Read more about Vulnerability of the Month: nanoid

Enabling compliance for database access

Jan 27, 2022 By Teleport In Teleport

Description: Enterprise databases hold an organization's most sensitive information and need to be protected. Beyond that, organizations must also demonstrate compliance with frameworks like FedRAMP, HIPAA, SOC2, GDPR and more for these databases. Complying with these frameworks without slowing down DBA teams is a challenge. This webinar will demonstrate how to unify access controls for connectivity, authentication, authorization, and audit for popular OSS databases Postgres, MySQL and MongoDB so you can move fast but stay secure.

View Video

Teleport

Read more about Enabling compliance for database access

Moving fast, and meeting HIPAA compliance with Teleport

Jan 27, 2022 By Teleport In Teleport

How Dylan Statmat of https://www.verticalchange.com/ uses Teleport to obtain HIPAA compliance.

View Video

Teleport

Read more about Moving fast, and meeting HIPAA compliance with Teleport

How to Keep Your Cloud Infrastructure Secure and Compliant

Jan 27, 2022 By Teleport In Teleport

In a world of hyperscale public clouds, dynamically provisioned environments, distributed teams and remote work, how can you reliably secure access to your infrastructure and satisfy compliance requirements without slowing down your development teams? Gus Luxton discusses the essential elements of secure infrastructure access and how you can implement best practices in your environment. Speaker: Gus Luxton.

View Video

Teleport

Read more about How to Keep Your Cloud Infrastructure Secure and Compliant

Talent Shortage 2022: Stretching Your Lean DevSecOps Team

Jan 27, 2022 By George Hamilton In ChaosSearch

The cybersecurity talent shortage is real. As of December 2021, a job-tracking database from the U.S. Commerce Department showed nearly 600,000 unfilled cybersecurity positions. And a 2021 study found that 57% of cybersecurity professionals worked at organizations that have been directly impacted by the cybersecurity talent shortage. Even so, many organizations want to “shift security left” or build security best practices earlier into the software development lifecycle (SDLC).

Read Post

ChaosSearch

Read more about Talent Shortage 2022: Stretching Your Lean DevSecOps Team

Tame the snake: Snyk shines a spotlight on Python security

Jan 26, 2022 By Snyk In Snyk

Today, 43% of all data breaches are directly linked to vulnerabilities found in applications. With the programming language Python reaching ever greater popularity in the developer space, Snyk has taken an in-depth look at security issues relating to the language and found that, "while 81% of the most popular Python packages are in a healthy state," roughly 20% of the security weaknesses identified by Snyk Code are related to Python projects.

Read Post

Snyk

Read more about Tame the snake: Snyk shines a spotlight on Python security

PHP security in Snyk Code now GA

Jan 26, 2022 By DeveloperSteve In Snyk

We recently announced our beta release for PHP support in Snyk Code, which brought with it the ability to identify potential PHP security vulnerabilities at the code level. After a successful public beta program, PHP security support in Snyk Code is now GA. 🎉🎉🎉 PHP is a popular programming language that is used by developers all over the world. In this blog post, we will take a look at some of the features of Snyk Code and how it can be used with PHP.

Read Post

Snyk

Read more about PHP security in Snyk Code now GA

Unifying AWS IAM Access Across Multiple AWS Accounts and Products

Jan 26, 2022 By Kai Davenport In Teleport

AWS Identity and Access Management (IAM) is a keystone to accessing AWS accounts, but as companies grow, it can be difficult to understand and standardize, especially across many AWS accounts. To put some personality into the challenges of managing identity for multiple AWS resources and accounts, I’ll start with a short story about a fictional company that you might recognize as similar to the one you work in today! ACME Net is growing fast.

Read Post