Snyk named a 2022 Gartner Peer Insights Customers' Choice for Application Security Testing

Snyk, the leader in developer security, is excited to share that we’ve been named a Customers’ Choice in the 2022 Gartner Peer Insights ‘Voice of the Customer’: Application Security Testing. Gartner defines the Application Security Testing category as products and services designed to analyze and test applications for security vulnerabilities. This distinction is based on meeting or exceeding overall rating, user interest, and adoption.

CISA orders federal agencies to catalog their networks, and scan for bugs

You always want to know what is attached to your network, and whether it could be vulnerable or not. In any organisation it’s normal for different devices, on- or off-prem, wired or wireless, to be constantly added or removed – and this can present an opportunity for malicious hackers to take advantage of improperly secured systems. In many cases, organizations have no idea how many assets they have, let alone where they are all located.

How To Store Employee Personal Data Securely and Why It Matters

As an employer, you have both a moral and legal obligation to shore up sensitive information about your employees. Sensitive information includes genetic and biometric data, medical records, SSNs (social security numbers), and criminal history records, just to name a few. Fail to do so, and you will open yourself up to loads of risk. Hackers are constantly on the hunt for applicant and employee data that they can further sell on the dark web or use to perpetrate fraud.

Unify vulnerability detection and remediation with the ManageEngine-Tenable.io integration

According to the latest Ransomware Spotlight Year End report, 56% of the 223 older vulnerabilities identified prior to 2021 are still actively exploited and used as the entry points to ransomware attacks. This raises the question of why enterprises aren’t patching vulnerabilities regularly.

Through the Looking Glass of Risk: An Analysis of the SOCI Reforms as a Case Study for Critical Infrastructure Security Regulation

This blog examines some interesting aspects of the recent reforms to Australia's Security of Critical Infrastructure Act - specifically related to the new risk management obligations that have been introduced. We'll unpack some of the ambiguities that exist and remain to be clarified in this specific area of the reforms.

To vCISO or not to vCISO?

Chief Information Security Officers know all about the “Sea of troubles,” and they experience “slings and arrows” daily. In mid-September, we saw a breach of Uber that threatened to undo the company’s security program by exposing a fairly easy path to super admin privileges across most (if not all) of its infrastructure and security tools, such as GSuite, AWS, and HackerOne private vulnerability reports. The stakes are high.