Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As organizations look for solutions that enable them to create a software bill of materials (SBOM) to ensure they’re meeting new governmental mandates for protecting the software supply chain, it’s important to understand the difference between solutions based on reporting vs. remediation. The primary focus of any SBOM solution should be on open source code. The use of open source continues to expand exponentially. Open source components comprise 60%-80% of today’s applications.

Customers are increasingly looking for just-in-time access to infrastructure. Imagine there is a production outage and a senior SRE needs to login to a production server to diagnose and fix the issue. In this organization, on-call SREs have elevated access to production systems, but when they are off-duty, their privileges are reduced. When the Pager Duty alert goes off, our on-call SRE ssh’s into the server but after several minutes of looking, can’t diagnose the issue.

Azure Government is a dedicated cloud for public sector organizations that want to leverage Azure’s suite of services in their highly regulated environments. As these organizations migrate their applications to Azure Government, they need to ensure that they can maintain visibility into the status and health of their entire infrastructure.

There’s never a dull moment at Snyk and for our Channel team that it’s been especially rewarding. We’re very excited to say that this week Snyk Infrastructure as Code (Snyk IaC) was named the winner of the cloud security category for the 2021 CRN Tech Innovator award. The full list of winners, unveiled earlier this week, showcases innovative vendors in the IT channel across 47 different technology categories, in key areas ranging from cloud to storage to networking to security.

Managing application resources at scale can be tricky business. As such, many DevOps and AppSec teams turn to using a declarative framework rather than writing individual scripts to deploy, manage, and maintain access controls for their resources. For Azure environments, Azure Resource Manager (ARM) is this management layer that allows teams to manage their infrastructure as code (IaC) through declarative ARM templates.

Red Hat® OpenShift® Container Platform (OCP) is an enterprise-grade Kubernetes platform for building, deploying, running, and managing containerized applications in a hybrid world. The reality is that with Red Hat OCP, building, deploying, running, and managing containerized workloads couldn’t be any easier.

When David McCheyne, DevOps Engineer at Datto, outlined a plan to ease the company into developer-first security using Snyk, he thought it would take his teams a year to prove the concept. A seasoned DevOps pro, David understood very well the enormity of this change and was prepared to slowly introduce Datto security champions to the Snyk platform and not force the process.