Snyk

Announcing the 2022 State of Open Source Security report from Snyk and the Linux Foundation

Open source software is a key component in modern applications. It has created a new era in software development, promoting a free exchange of ideas within the developer community and enabling developers to build more functional software, faster than ever. Based on most estimates, 70-90% of any piece of modern software includes open source code.

Featured Post

How to decide what to fix when you can't fix everything

Contributing to a legacy software development project, as a security-aware developer, is a bit like inheriting an old house. In my old house, the roof is missing tiles, the bathroom taps are dripping, the front door doesn't lock properly, the hallway needs redecorating and there are worrying cracks in the foundations. I don't know where to start. The security problems with the application I've recently (hypothetically) joined are similarly vexing and diverse. It has deprecated dependencies to older versions of software libraries. It could be misconfigured using insecure protocols.

Stranger Danger: Your JavaScript Attack Surface Just Got Bigger

Building JavaScript applications today means that we take a step beyond writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome, you're a cloud native application developer! As developers, our responsibilities have broadened, and more software means more software security concerns for us to address.

Bringing cloud native application security full circle

The cloud has enabled organizations to build and deploy applications faster than ever, but security has become more complex. The shift to cloud has created a world where everything is code — not just the applications, but also the infrastructure they run on. So, any security issue within an application or cloud environment can put an entire system at risk. And keeping that cloud native application stack secure is increasingly the responsibility of development teams.

Rise of the Secure Developer from Atlassian Team '22: Tomás González - Partner Solution Architect

This talk by Tomás González, partner solutions architect at Snyk, covers the rise of the security-conscious developer - someone who champions the use of new cloud technologies with a security mindset. This doesn’t mean developers are solely responsible for security risk management in isolation; secure developers are aware of risk management processes, are armed with the right technology to enforce them, and apply a shared-responsibility mentality to enable an agile, thriving, secure business.

How Malicious NPM Packages Make Your Apps Vulnerable

Zbyszek Tenerowicz (a.k.a. ZB) teaches us how we, as developers, can be susceptible to malicious packages. We also see demos of what a malicious package can do, such as modifying code, tampering with package.json publish scripts, and more. You're sure to learn something new in this session and level up your developer security skills. This was a recorded livestream titled "My NPM Package Will Eat Your Lunch".

Safer together: Snyk and CISPA collaborate for the greater good

Great things happen when the academic world and the software industry work together! Today, we’d like to share a story about our recent collaboration with the CISPA Helmholtz Center for Information Security, a major research institution in Germany. Back in January, Cris Staicu, Ph.D. (Tenure-Track Faculty, CISPA), contacted us about his research on NodeJS and JavaScript.