Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Java Security Quick Tip: Always santize user input before you display it in your web app. Displaying user input wideout proper validation or sanitization can lead to cross-site scripting security issues. With the OWASP Encoder library, you can escape scripts and be positive that they will not be executed in the users' browser. In this video I will answer the following questions Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for Java and many other languages.

In this installment of SnykLIVE we're joined by Georgi Mitev and Michel Kaporin from the Product and Engineering teams at Snyk. They will show us how we can build apps more securely when using Visual Studio Code. Links shared during the session.

Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

Greatly reduce vulnerabilities using Snyk's advanced container analysis. This session focuses specifically on the Base Image Management capabilities. Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

Infrastructure as Code enables you to take ownership of your cloud environments and define what your application needs in a programmatic way. It's appealing because it’s code; you can version it, you can automate testing it using pipelines and you can deploy it frequently on your own. However there is a catch. With this level of autonomy comes increased responsibility and the implicit requirement to have the relevant knowledge needed in order to design and configure secure infrastructure.

Snyk allows customers to create custom rules, using advanced patterns, to define what to look for in infrastructure as code files. This session will be a deep dive into how to create your own rules for Snyk Infrastructure as Code (Snyk IaC)

Ahh, the web, an open platform where sites can communicate with each other, embed third-party content to unlock powerful features, make requests to arbitrary endpoints of other web applications... Well. Isolation was never a thing on the web, and this creates a number of security issues⏤but Spectre took this to the next level.

I will discuss digital transformation in the enterprise, how it impacts cloud native applications developed using agile methodologies and as a result, an oscillating application risk rating, which then triggers prioritized security-related activities by application security engineers.. Key topics will include: Creating a baseline application risk profile Dynamic characteristics of application risk factors Significant changes that trigger security reviews

Hear from Snyk's DevRel and Community Team as they share their security horror stories.

Andrew Betts shares his security horror story of how the Financial Times was hacked by the Syrian Electronic Army.