Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Webinar

How to Write a Fuzz Test for JavaScript

JavaScript is widely used in both backend and frontend applications. Crashes that cause downtime or other security issues are very common in Node.js packages. Our goal with Jazzer.js is to make it easy for developers to find such edge cases. In this webinar, Norbert will show you how to secure JavaScript applications using our open-source fuzzer Jazzer.js.

Ethical hacking & bug bounty hunting | Cybersecurity Sessions #11 with Jessica Haworth

Cyber-criminals are relentless, and the number of attacks is growing. Businesses are increasingly turning to ethical hackers to find bugs and exploits before attackers do, offering financial incentives for their efforts. As a security researcher, our host Cyril Noel-Tagoe is always on the hunt for new vulnerabilities. He’s joined for this episode by ethical hacking enthusiast and Daily Swig reporter Jessica Haworth, who has a finger firmly on the pulse of the latest bug bounty programs and developments.

Pyrsia - Securing your OSS Supply Chain

With OSS, not knowing where all your software comes from means hard-to-spot risks to the integrity of your services. Without constant identity checks and safety protocols for keys and secrets, open-source dependencies can open the door to breaches, exploits, and supply chain attacks. Enter Pyrsia -- your torch that lights up the open-source supply chain!

Stranger Danger: Your JavaScript Attack Surface Just Got Bigger

Building JavaScript applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome - you're a cloud native application developer! As developers, our responsibility has broadened, and more software means more software security concerns for us to address.

How MSSPs can overcome challenging and uncertain economic times

Running an MSSP is no easy task. In this roundtable discussion, we are going to explore how MSSPs can thrive in these uncertain economic times. Security will continue to grow despite the economic conditions, but client companies are going to become more price sensitive, and this is going to impact MSSPs that compete on margin.

Secretless, Identity-based Infrastructure Access

Passwords are everywhere. Sometimes they are obvious — hardcoded in the code or lying flat in a file, but other times they take the form of API keys, tokens, cookies, or even second factors. Devs pass them in environment variables, vaults mount them on disk, teams share them over links, and copy them to CI/CD systems and code linters. Eventually, someone leaks, intercepts, or steals them. Because they pose a security risk, there is no other way to say it: passwords in our infrastructure have to go.

Using Containers Responsibly

Tools to package your applications and services into container images abound. They’re easier than ever to use and integrate into your CI/CD pipelines. We can appreciate these advancements in the form of time savings and decreasing complexity when deploying to a cloud native environment, but we cannot completely ignore the details involved in these technologies. It’s tempting to take simplicity for granted, but sometimes we do this at the expense of keeping our software safe and secure!