Non-humans are everywhere these days. Sure, you’ve seen the much-deserved hype about how AI-powered tools like ChatGPT are going to change everything. But there are plenty of more mundane non-human entities that you interact with in your daily life: the smart thermostat program that knows to cool down your house at a certain time every day, the application on your phone that suggests directions to a place you’ve searched for, and many others.

ServiceNow’s biggest event of the year — Knowledge 2023 — is here, and Snyk is excited to be a part of it with some big news! Back in January, we announced Snyk Security for Application Vulnerability Response to bring Snyk Open Source software composition analysis to ServiceNow Security Operations.

The rise of low-code/no-code platforms has empowered business professionals to independently address their needs without relying on IT. Now, the integration of generative AI into these platforms further enhances their capabilities and eliminates entry barriers. However, as everyone becomes a developer, concerns about security risks arise.

Cyber risk is not just a security issue, it’s also a business issue. When security leaders and their businesses don’t see eye to eye, resources get misallocated, expectations aren’t met, and businesses are left unprepared to face threats. SecurityScorecard launched its Cyber Risk Quantification product in April 2022, allowing customers to quantify the financial impact of cyber risk and help facilitate collaboration and communication among business stakeholders.

APIs are great for accessing specific functions and features, but what happens when they allow unauthorized access? Imagine a social media platform where users can share posts. To enable users to access posts, the platform provides an API that allows GET requests to retrieve posts by specifying the user ID and post ID. GET/api/v2.1/user/1438/posts?id=40. The API will return the 40th post for user id 1438. As these are public forums, any user can submit GET requests to access posts.

As containerized applications become increasingly complex, it can be challenging to design and execute an effective container security strategy. With the growing trend towards cloud-based applications and services, cyber criminals are also evolving their attack techniques, making container security solutions more critical than ever. Calico provides robust detection capabilities to detect known and zero-day container and network-based attacks.

As cloud technology continues to be a cornerstone of modern businesses and organizations, securing cloud environments has become more crucial than ever. Enter cloud security posture management (CSPM), a proactive approach to ensuring the security of cloud infrastructures. With CSPM, organizations can continuously monitor, assess, and remediate potential vulnerabilities and misconfigurations in their cloud environments. But when choosing a CSPM solution, is open source the way to go?

There’s a new cybersecurity challenge threatening the identity processes and systems of organizations worldwide: identity fatigue.

As organizations increasingly adopt cloud services and applications, securing access to these services becomes crucial to protect sensitive data and maintain compliance. Cloud Access Security Brokers (CASBs) have emerged as a key component in providing comprehensive visibility and control over cloud services.

Toyota is a worldwide car manufacturer based in Toyota City, Japan. This automaker produces millions of vehicles each year, and many of those vehicles had their locations publicly available for as long as ten years. If you drive a Toyota vehicle, your location may have been available to anyone interested in seeing it, all because of a cloud configuration mistake. This mistake compromised the privacy of over 2 million Toyota car owners and is a serious hit to Toyota's name and reputation.