Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Forrester Wave™ Software Composition Analysis, Q3 2021 report states that open source components made up 75% of all code bases in 2020. This is more than double the 36% in 2015. As organizations increasingly rely on external components to quickly add functionality to their own proprietary solutions, they take on greater risk, especially considering these open source components may contain unmitigated vulnerabilities or violate organizations’ compliance policies.

Recently, Snyk added Social Trends to its vulnerability data . This new indicator shows you what vulnerabilities are trending so you can better prioritize remediation. Our research team found out that there is a strong correlation between socially trending vulnerabilities and the existence of exploits that can actually harm your application.

Teleport, an Access Plane company, is announcing today that it has secured $30M in Series B funding. The company also released its latest version of its offering, Teleport 7.0 – introducing identity-based access for MongoDB . This funding round is led by Kleiner Perkins and follows the company’s record-breaking quarter, with net new annual recurring revenue up 5x and total annual recurring revenue up 2.5x, compared to the second quarter of 2020.

Black Hat USA is one of the industry’s oldest and most well-established security events. Last year, the conference was held virtually for the first time in its history. This year’s conference brought together the best of both worlds, with a hybrid event that was held virtually and in person in Las Vegas. Historically, Black Hat has seen about 20,000 attendees at its in-person conference.

Suppose you’ve been working with container images for more than a minute. In that case, you’re probably familiar with those ubiquitous documents that describe, layer-by-layer, the steps needed to construct an image: Dockerfiles. Did you know that there is a growing set of tools for building OCI compliant images without Dockerfiles?

Thousands of secrets leak daily on public git repositories, including over two million corporate secrets in 2020 alone. This can happen to anyone! For example, in January 2021, an Amazon cloud engineer accidentally committed almost a gigabyte worth of sensitive data that included their own personal documents, as well as passwords and cryptographic keys to various AWS environments on his personal GitHub repository.

Snyk has been long invested in promoting application security awareness and practices through many of our initiatives, including actively participating in communities and foundations. Some examples include: Today, we’re proud to further engage with the community by announcing the Snyk Ambassadors program.