Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Snyk Log4Shell Stranger Danger Live Hack

Dec 22, 2021 By Snyk In Snyk
In this recorded session, we present a live hack webinar on the Log4Shell exploit. We give a brief overview of the vulnerability and dive right into some examples of the exploit in action. We then show several real-world remediation approaches as well as other fixes outside code. We give a final round of fun demos, including container and IaC hacks as well as Java-based game hacks. We wrap up with a great list of takeaway resources and answer your questions.
View Video

Snyk Code Hands-on Workshop

Dec 22, 2021 By Snyk In Snyk
Snyk Code is developer-first: embedding SAST as part of the development process, enabling developers to build software securely during development, and not trying to find and fix problems after the code is compiled. Snyk Code works in the IDEs and SCMs developers use to build and review software and provides fast, actionable, meaningful results to fix issues in real-time.
View Video
Snyk

Snyk Container in 2021: Shifting container security all the way left

Dec 22, 2021 By Jim Armstrong In Snyk

No matter how you slice it, the use of containers and Kubernetes continues to swell. And recent high profile vulnerabilities-that-shall-not-be-named have shown us how important container security is for an overall application security program. Protecting your own code, your dependencies, and the containerized services you use are all a must.

Read Post
Snyk

Snyk Open Source in 2021: A year of innovation

Dec 21, 2021 By Daniel Berman In Snyk

More than 90% of organizations rely on open source software, a reliance that introduces a significant amount of security and legal risk via either direct or transitive open source dependencies. To overcome this challenge, Software Composition Analysis (SCA) solutions are playing an increasingly important role in helping organizations successfully identify and mitigate potential security issues.

Read Post
Snyk

Snyk Code in 2021: Redefining SAST

Dec 21, 2021 By Frank Fischer In Snyk

Starting in early 2021, Snyk Code and became available as a freemium offering for Snyk users. Snyk Code helps developers quickly and accurately find, prioritize, and fix security flaws in proprietary code. With detailed remediation guidance at every stage of the software development lifecycle (SDLC), from the developer’s environment (IDE) to continuous integration and development (CI/CD) pipelines, Snyk Code revolutionizes static application security testing (SAST).

Read Post

Live Hacking: Find Vulnerabilities in Your Apps Before Hackers Do

Dec 20, 2021 By Snyk In Snyk
As cloud-native technologies disrupt the Application Security (AppSec) market, forward-thinking enterprises are shifting their security to the left. A range of cutting-edge security platforms is now available, empowering developers to build secure applications within the development process. But what do secure applications look like, and why does it matter? Why are enterprises implementing security during the deployment phase?
View Video
Snyk

Snyk makes it easier to fix Log4Shell with extended free scans

Dec 20, 2021 By Simon Maple In Snyk

Due to the recently discovered Log4Shell vulnerability, and to support the tremendous effort being mounted by the community to address it, we are happy to announce that we are increasing the free test limit in Snyk Open Source! This means that any developer, no matter the company or project, can now use Snyk Open Source to find and fix Log4Shell with double the number of free tests, whether it’s within your IDE, your Git repositories, CI environments, or using the Snyk CLI.

Read Post
Snyk

Log4j 2.16 High Severity Vulnerability (CVE-2021-45105) Discovered

Dec 18, 2021 By Jason Lane, Benji Catabi-Kalman In Snyk

Overnight, it was disclosed by Apache that Log4j version 2.16 is also vulnerable by way of a Denial of Service attack with the impact being a full application crash, the severity for this is classified as High (7.5). Snyk is currently not aware of any fully-fledged PoCs or exploits in circulation. CVE-2021-45105 has been issued, and a new fixed version (2.17) has been published by Apache which we recommend upgrading to.

Read Post

DevSecOps and Data Engineering

Dec 17, 2021 By Snyk In Snyk
As security is adopted more in the shift left devsecops approach it brings with it a re-examining of the full SDLC. This is increasingly important not only as part of security policies and app handling but also ensuring the protection of infrastructure, data and end user app experiences. In this Snyk Live episode we are joined by Saman Fatima, sharing experiences around security practices and approach. Looking at DevSecOps practices like IAM and how security can apply to data engineering.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.