CI Fuzz CLI is an open-source solution that lets you run feedback-based fuzz tests from your command line. Every developer can use it to find bugs and vulnerabilities with three simple commands. In this stream, I will demonstrate: 1) How to cover the current state of fuzz testing 2) How to set up CLI fuzzing within 3 commands 3) How to uncover multiple bugs and severe memory corruption vulnerabilities

CI Fuzz CLI is an open-source solution that lets you run feedback-based fuzz tests from your command line. Every developer can use it to find bugs and vulnerabilities with three simple commands. In this stream, our expert Jochen will demonstrate: cover the current state of fuzz testing set up CLI fuzzing within 3 commands uncover multiple bugs and severe memory corruption vulnerabilities All code examples and tools used are open-source.

Corelight and Microsoft show the power of combining network evidence with endpoint telemetry using Defender365 and Sentinel to analyse, investigate, and understand the full breadth of an attack. During the session, we dive straight into the technology and how it can be applied using a simulated attack Demo.

Building JavaScript applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome - you're a cloud native application developer! As developers, our responsibility has broadened, and more software means more software security concerns for us to address.

How to hack a vulnerable OWASP Node.js Apps We are back with part 2 of this livestream. Join us as we demonstrate how you can use the Node.js app. We also show the various ways it can be hacked so you can learn how to prevent it. Didn't catch the live stream? Ask all of your Snyk questions and we’ll do our very best to answer them in the comment section.

Privileged credentials are some of the highest-value targets for cybercriminals – is your organization still hard-coding credentials and putting itself at risk? Keeper Secrets Manager is a fully managed cloud-based, zero-knowledge platform for securing infrastructure secrets such as API keys, database passwords, access keys, certificates and any type of confidential data. Watch this recorded webinar to learn how to secure your environment and eliminate secrets sprawl with Keeper Secrets Manager – ​​finally remove hard-coded credentials forever!

In this video we talk with two security leaders, very well known, from the Bay Area - Mike Hamilton and Barak Engel. A variety of topics, including software supply chain, data governance and APIs amongst many are discussed.

When conducting incident response, EDR and firewall technologies can only show you so much. The breadth of network traffic provides an unrivaled source of evidence and visibility. Open source security technologies such as Zeek, Suricata, and Elastic can deliver powerful network detection and response capabilities, furthermore the global communities behind these tools can also serve as a force multiplier for security teams, often accelerating response times to zero-day exploits via community-driven intel sharing.

Join us for a virtual Q&A with Seb Coles, Engineering Manager at ClearBank, and Simon Maple, Field CTO at Snyk.

Welcome to This Week in VulnDB, Each episode we will look through some of the newer vulnerabilities in the Snyk vulnerability database, looking at emerging trends in attack vectors appearing in programming languages, platforms and ecosystems.