%term

Scanning Red Hat Quay registry images for vulnerabilities with Snyk

Apr 1, 2021 By Jim Armstrong In Snyk

We’re excited to share that you can now scan container images stored in Red Hat’s Quay container registry and their hosted Quay.io service with Snyk Container. Snyk Container helps you find and fix vulnerabilities in your container images and integrates with Quay as a container registry to enable you to import your projects and monitor your containers for vulnerabilities, as is fully described in our Snyk Container documentation.

Read Post

Snyk

Read more about Scanning Red Hat Quay registry images for vulnerabilities with Snyk

Application security automation for GitHub repositories with Snyk

Mar 31, 2021 By Omer Levi Hevroni In Snyk

Snyk provides a wide array of integrations and a pretty comprehensive API to enable you to deploy Snyk across the SDLC and monitor all the code your organization is developing. Of course – this is not always simple. At scale, ensuring Snyk is monitoring all your repositories becomes more challenging. As you grow, more code is added in the shape of new repositories. Not only that, existing repositories keep on changing.

Read Post

Snyk

Read more about Application security automation for GitHub repositories with Snyk

Stranger Danger Live Hacking Session | Containers

Mar 31, 2021 By Snyk In Snyk

Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

View Video

Snyk

Read more about Stranger Danger Live Hacking Session | Containers

Scaling Software Supply Chains Securely

Mar 31, 2021 By Mark Milinkovich In JFrog

Software supply chains are mission-critical for digital businesses, and as global conditions accelerate the growth in contactless interactions and transactions, many organizations are reviewing how to solve the challenge of scaling the volume and velocity of their software development and release processes to meet the digital demand. The latest JFrog Platform release delivers a rich payload of new capabilities to scale and secure the software supply chain for digital businesses.

Read Post

JFrog

Read more about Scaling Software Supply Chains Securely

Preventing YAML parsing vulnerabilities with snakeyaml in Java

Mar 30, 2021 By Brian Vermeer In Snyk

YAML is a human-readable language to serialize data that’s commonly used for config files. The word YAML is an acronym for “YAML ain’t a markup language” and was first released in 2001. You can compare YAML to JSON or XML as all of them are text-based structured formats. While similar to those languages, YAML is designed to be more readable than JSON and less verbose than XML.

Read Post

Snyk

Read more about Preventing YAML parsing vulnerabilities with snakeyaml in Java

Secure coding with Snyk Code: Ignore functionality with a twist

Mar 30, 2021 By Frank Fischer In Snyk

When scanning your code with our secure coding tool, Snyk Code might find all kinds of security vulnerabilities. And while Snyk Code is fast, accurate, and rich in content, sometimes there is the need to suppress specific warnings. Typical example use cases arise in test code when you explicitly use hard coded passwords to test your routines, or you know about an issue but decide not to fix it.

Read Post

Snyk

Read more about Secure coding with Snyk Code: Ignore functionality with a twist

Getting started with Teleport Application Access

Mar 27, 2021 By Teleport In Teleport

0:00 Intro
1:09 Docker Setup & Grafana setup
2:27 Setup and Install Teleport
4:33 teleport configure
5:30 teleport start
6:12 tctl users add & Local user setup
7:00 Accessing Grafana via Teleport
7:58 Conclusion

View Video

Teleport

Read more about Getting started with Teleport Application Access

Are we forever doomed to software supply chain security?

Mar 26, 2021 By Snyk In Snyk

The adoption of open-source software continues to grow and creates significant security concerns for everything from software supply chain attacks in language ecosystem registries to cloud-native application security concerns. In this session, we will explore how developers are targeted as a vehicle for malware distribution, how immensely we depend on open-source maintainers to release timely security fixes, and how the race to the cloud creates new security concerns for developers to cope with, as computing resources turn into infrastructure as code.

View Video

Snyk

Read more about Are we forever doomed to software supply chain security?

RFD 14 Demo - Per-session MFA

Mar 26, 2021 By Teleport In Teleport

This video is a demo of our per-session MFA coming in Teleport 6.1 https://github.com/gravitational/teleport/blob/master/rfd/0014-session-2FA.md#rfd-14---per-session-mfa

View Video

Teleport

Read more about RFD 14 Demo - Per-session MFA

Top 3 AppSec Challenges to the Financial Industry

Mar 25, 2021 By Ayala Goldstein In Mend

The financial industry’s digital transformation is highly reliant on applications, just like the rest of the software development ecosystem. This requires everyone involved to invest in application security management as part of the effort to protect their data and systems.

Read Post

Mend

Read more about Top 3 AppSec Challenges to the Financial Industry

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Scanning Red Hat Quay registry images for vulnerabilities with Snyk

Application security automation for GitHub repositories with Snyk

Stranger Danger Live Hacking Session | Containers

Scaling Software Supply Chains Securely

Preventing YAML parsing vulnerabilities with snakeyaml in Java

Secure coding with Snyk Code: Ignore functionality with a twist

Getting started with Teleport Application Access

Are we forever doomed to software supply chain security?

RFD 14 Demo - Per-session MFA

Top 3 AppSec Challenges to the Financial Industry

Monthly Archive

Follow Us