Snyk

Code to cloud and back to code!

Jun 2, 2022 By Snyk In Snyk

Developer-focused security from code to cloud, and back to code. Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

View Video

Snyk

Read more about Code to cloud and back to code!

Using Rego as a generic policy language

Jun 2, 2022 By Dickson Boateng In Snyk

Policies have a vital role in every organization, but can mean a lot of different things depending on the context. For our purposes, a policy refers to the principles or ideas that an organization uses to make decisions. In this post, we’ll discuss Open Policy Agent (OPA) and its rule language, Rego, highlighting how we can use them to write a simple policy for a payroll microservice.

Read Post

Snyk

Read more about Using Rego as a generic policy language

NPM Dependency Confusion

Jun 1, 2022 By Snyk In Snyk

Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

View Video

Snyk

Read more about NPM Dependency Confusion

User Office Hours: Building secure application in VS Code with Snyk

May 31, 2022 By Snyk In Snyk

Visual Studio Code (VS Code) is a code editor redefined and optimized for building and debugging modern web and cloud applications. The Snyk integration for VS Code can help you create secure applications from the beginning. Join us to learn more about Snyk VS Code capabilities. During this session, we’ll take a look at: Throughout the session you can ask us anything! Bring all of your Snyk questions and we’ll do our very best to answer them.

View Video

Snyk

Read more about User Office Hours: Building secure application in VS Code with Snyk

SnykWeek Boston: Perspectives on developer security adoption

May 26, 2022 By Brian Piper In Snyk

During SnykWeek Boston, Simon Maple (Field CTO, Snyk) led a panel discussion about developer adoption of application security. The panelists included: Want the TL;DR? Here are some of our favorite takeaways: Read on to dive deeper into these illuminating insights around organizing security teams, setting security goals, empowering developers, improving compliance, and much more.

Read Post

Snyk

Read more about SnykWeek Boston: Perspectives on developer security adoption

JavaScript Live Panel with Snyk Ambassadors

May 26, 2022 By Snyk In Snyk

Learn about interesting JS use cases, tricks, and challenges. Hosted by Brian Clark and Gerald Crescione. Chapters: 00:00:00 - Stream Start Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

View Video

Snyk

Read more about JavaScript Live Panel with Snyk Ambassadors

Hack a vulnerable OWASP Node.js app

May 25, 2022 By Snyk In Snyk

Node.js is popular and makes a great platform for developing web applications. The OWASP NodeGoat project provides an environment to experiment and learn how some of the OWASP Top 10 security risks apply to web applications developed using Node.js, and also how to fix the mitigate these concerns.

View Video

Snyk

Read more about Hack a vulnerable OWASP Node.js app

Snyk finds 200+ malicious npm packages, including Cobalt Strike dependency confusion attacks

May 24, 2022 By Kirill Efimov In Snyk

Snyk recently discovered overt 200 malicious packages in the npm registry. While we acknowledge that vulnerability fatigue is an issue for developers, this article is not about the typical case of typosquatting or random malicious package. This article shares the findings of targeted attacks aimed at businesses and corporations that Snyk was able to detect and share the insights.

Read Post

Snyk

Read more about Snyk finds 200+ malicious npm packages, including Cobalt Strike dependency confusion attacks

How LiveRamp used Snyk to remediate Log4Shell

May 19, 2022 By Brian Piper In Snyk

Like any company that uses web apps or enterprise software built with Java, San Francisco-based LiveRamp was concerned that it had been infected by the Log4Shell zero-day vulnerability within Log4j — the popular open source logging library.

Read Post

Snyk

Read more about How LiveRamp used Snyk to remediate Log4Shell

What is DevSecOps? DevSecOps explained in under 7 mins | 2022

May 18, 2022 By Snyk In Snyk

What is DevSecOps? In this video we're going to talk about how DevSecOps brings security into the DevOps fold, enabling development teams to secure what they build at their pace, while also creating greater collaboration between development and security teams.

View Video

Snyk

Read more about What is DevSecOps? DevSecOps explained in under 7 mins | 2022

Subscribe to Snyk

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Snyk

Code to cloud and back to code!

Using Rego as a generic policy language

NPM Dependency Confusion

User Office Hours: Building secure application in VS Code with Snyk

SnykWeek Boston: Perspectives on developer security adoption

JavaScript Live Panel with Snyk Ambassadors

Hack a vulnerable OWASP Node.js app

Snyk finds 200+ malicious npm packages, including Cobalt Strike dependency confusion attacks

How LiveRamp used Snyk to remediate Log4Shell

What is DevSecOps? DevSecOps explained in under 7 mins | 2022

Monthly Archive

Follow Us