Snyk IaC public beta introduces Terraform plan analysis
We’re happy to share new beta features of Snyk Infrastructure as Code (Snyk IaC) inside the Snyk CLI, adding support for Terraform plan scanning, plus performance and security improvements.
We’re happy to share new beta features of Snyk Infrastructure as Code (Snyk IaC) inside the Snyk CLI, adding support for Terraform plan scanning, plus performance and security improvements.
Today we’re excited to announce a new product tier—Snyk Team—designed to help development teams empower themselves to build applications securely, together! No development team wants to write an application that gets hacked—but many don’t have the skills or budget to use the application security tools currently offered in the market.
Maven is the most commonly used build system in the Java ecosystem, and it has been for many years. Building your application with Maven is easy since it takes care of many things for you. In different phases of the Maven lifecycle, it handles things like: With Maven, the development lifecycle happens the same way on every machine for every developer on the team, as well as within the CI pipeline.
The Code Dx team is pleased to announce the general availability (GA) of Code Dx 5.3, which notably features an integration with Snyk to help customers integrate open source and container security into their continuous development processes. As we move toward a cloud native world, we’re working to ensure that developer-first tooling, secure cloud infrastructure, container security, and open source tools are fully integrated into Code Dx 5.3.
As Uncle Ben once said, “With great power comes great responsibility.” This is also true of the Kubernetes API. It is very powerful, and you can build amazing things on top of it, but it comes with a price—a malicious user can also use the API to do bad things. Enter Kubernetes RBAC (role based access control), which enables you to use the API in a controlled manner by granting only required privileges needed, following least privilege principle.
Snyk Code now offers beta support for Python 2.x and 3.x projects. You do not have to install or update anything since we added the support to the backend engine and it is available instantly to be used. When a repository is scanned, you will see Python beta results showing up. If you cannot wait for a scheduled rescan, you can manually trigger a scan.
Cloud native has been a growing trend as organizations shift away from on-premise infrastructure and longer software release cycles towards a more iterative development approach using cloud-based tooling and infrastructure. While cloud native applications enable rapid deployments and greater scalability, this emerging software approach also introduces security challenges.
Nowadays, developers are responsible for more than just creating the application. Besides working on features, developers have to focus on their applications’ maintainability, scalability, reliability, and security. Many developers are unsure of where to start with security. In addition, most companies still work with a dedicated security team instead of having security expertise inside the team. A lot of developers practically live in their integrated development environment (IDE).
We’re pleased to announce our new plugin for JetBrains IDEs, making it easier for developers to find and fix security issues as they code! Snyk’s new free JetBrains IDE plugin enables developers using IntelliJ IDEA and WebStorm to easily find and fix known vulnerabilities in their open source dependencies as well as any security issues and bugs in their own code.
We’re pleased to announce support for viewing all of your Snyk Infrastructure as Code (Snyk IaC) configuration issues in the reporting functionality of the Snyk platform.