Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Trend Micro & Snyk - Better together

May 19, 2021 By Snyk In Snyk
This Trend Micro and Snyk talk gives an overview of what is open source is, including the growth, power and potential risk involved in using it to build and deploy cloud native applications. With visibility into open source vulnerabilities and license issues the first time sec ops professionals have visibility into potential vulnerabilities in open source components through . Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.
View Video

Keep OSS supply chain attacks off the menu: Tidelift catalogs + JFrog serve known-good components

May 18, 2021 By JFrog In JFrog
How does your organization keep track of all of the open source components being used to develop applications and ensure they are secure and properly maintained? Our recent survey data shows that the larger an organization gets, the less confident they are in in their open source management practices. In companies over 10,000 employees, 39% are not very or not at all confident their open source components are secure, up to date, and well maintained.
View Video
Snyk

Misconfigurations, known unpatched vulnerabilities, and Cloud Native Application Security

May 17, 2021 By Simon Maple In Snyk

Two weeks back, we published our annual State of Cloud Native Application Security report. If you haven’t seen it yet, here’s a TL;DR. We surveyed nearly 600 developers and security professionals to see how the shift to cloud native (digital transformation) has changed their security posture. Then we parsed the results, gleaned valuable insights, and put them in an interactive webpage.

Read Post
mend

Reducing Enterprise AppSec Risks: Ponemon Report Key Takeaways

May 13, 2021 By Julie Peterson In Mend

Ponemon Institute’s Reducing Enterprise Application Security Risks: More Work Needs to Be Done looks at the reasons why many enterprises consider the application layer to be the highest security risk. Ponemon Institute, in partnership with WhiteSource, surveyed 634 IT and IT security practitioners about their enterprises’ approach to securing applications.

Read Post
Snyk

Prevent cloud misconfigurations in HashiCorp Terraform with Snyk IaC

May 13, 2021 By Jim Armstrong In Snyk

We’re delighted to share new features of Snyk Infrastructure as Code (Snyk IaC) designed to support how Terraform users write, plan, and apply their configurations. With Snyk IaC, you can get immediate guidance on security configurations as you write, and scan your Terraform plans in your deployment pipelines to ensure your changes and complete configuration are safe.

Read Post
Snyk

Scaling for DevSecOps with the Norwegian Labour and Welfare Administration

May 13, 2021 By Brian Piper In Snyk

Application development has changed, and development teams have begun supporting a model of rapid and frequent deployments to support the pace of innovation demanded by digital transformation. From an application security perspective, this means scaling through DevSecOps and supporting developer-first security. The unique challenges and solutions for shifting to DevSecOps were the subject of a recent roundtable discussion featuring Aner Mazur, Chief Product Officer at Snyk and Christer Edvartsen, Sr.

Read Post
Snyk

Joining forces with FossID to extend developer-first security to C/C++ applications

May 12, 2021 By Guy Podjarny In Snyk

I’m excited to announce the acquisition of FossID, extending Snyk’s developer-first security capabilities with deeper C/C++ support and enhanced license compliance! Snyk’s vision has always been to empower developers to secure their applications, enabling the speed and scale required by technology-driven companies.

Read Post

Access Control #3: State of Startup Application Security

May 12, 2021 By Teleport In Teleport
In this third episode of Access Control, a podcast providing practical security advice for startups, Ben Arent chats with Luca Carettoni, co-founder of Doyensec. Doyensec is an independent security research and development company focused on vulnerability discovery and remediation. The Teleport team has been working with Doyensec for the last two years and have worked together on security assessment for Teleport. In this episode, we’ll get a pentester's view on the current state of startup security.
View Video
Snyk

Snyk CNA adds flexibility in delivery with self-hosted version for AWS customers

May 11, 2021 By Udi Nachmany In Snyk

There are several advantages to consuming software as a service (SaaS). For starters, it allows companies of any size to leverage enterprise-grade software (CRM, service desk, security, etc.) in a pay-as-you-go model to avoid spending large sums of money on shelfware that may never get put to use. SaaS also offers customers the ability to scale or change the usage of their software with little to no advance notice, and makes them more agile in delivering products to market.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.