JavaScript type confusion: Bypassed input validation (and how to remediate)
Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
AWS Live Hack Workshop: Snyk and Docker
In this live demo with Snyk and Docker, we show you how to scan containerized applications on Amazon EKS using a Docker CLI tool developed by both Docker and Snyk, managing open source vulnerabilities and dependencies introduced by container base images.
AWS Live Hack Workshop: Snyk and StackHawk
In this video with Snyk and Stackhawk, you'll see a live demo on implementing automated static and dynamic security testing across a CircleCI pipeline, finding and fixing vulnerabilities without loss of performance or developer agility.
What Financial Services Companies Need to Know About Infrastructure Access
Ding. That is the sound of the elevator opening on the ground floor of the One WTC building in New York. We’re both there for a meeting. You, as Director of Systems Engineering for a Financial Services provider, are presenting your plans to shore up the hybrid infrastructure used to run the bank’s new crypto-based services. I’m meeting with clients who are trying to rebuild their reputation, and SOC2 certification, after a data breach.
Snyk Log4Shell Stranger Danger Live Hack
In this recorded session, we present a live hack webinar on the Log4Shell exploit. We give a brief overview of the vulnerability and dive right into some examples of the exploit in action. We then show several real-world remediation approaches as well as other fixes outside code. We give a final round of fun demos, including container and IaC hacks as well as Java-based game hacks. We wrap up with a great list of takeaway resources and answer your questions.
Monitor Kubernetes with Fairwinds Insights' offering in the Datadog Marketplace
Fairwinds Insights is Kubernetes governance and security software that enables DevOps teams to monitor and prevent configuration problems in their infrastructure and applications. Not only does Fairwinds simplify Kubernetes complexity, but it also reduces risk by surfacing security and reliability issues in your Kubernetes clusters.
Snyk Code: An Introduction to Dev-First SAST
Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.
Snyk Code in 2021: Redefining SAST
Starting in early 2021, Snyk Code and became available as a freemium offering for Snyk users. Snyk Code helps developers quickly and accurately find, prioritize, and fix security flaws in proprietary code. With detailed remediation guidance at every stage of the software development lifecycle (SDLC), from the developer’s environment (IDE) to continuous integration and development (CI/CD) pipelines, Snyk Code revolutionizes static application security testing (SAST).
Freshly Served CloudCasa for Backup of Kubernetes Clusters Managed by Rafay
We are excited to announce CloudCasa can now be deployed via a recipe to protect Kubernetes clusters managed via Rafay’s Kubernetes Operations Platform for Enterprises and MSPs.
Leave SSL in the Dust, Turbocharge TLS with ALPN and SNI
As part of Teleport 8 we’ve made significant improvements to our routing, so much so the improvements have become a feature. Teleport 8 has new TLS routing that greatly reducing the port requirements needed for Teleport to run. Reducing the open network footprint down to a single port for your entire infrastructure and minimizing the attack surface. Want to know how we did it? Read on!