Starting October 12th, 2022 we’ll be rolling out some exciting new user interface changes for the Snyk application, at app.snyk.io. These changes make use of the Snyk design system by incorporating standardized UI components, an updated color palette, and other elements to help you get even more from Snyk. In this blog post, we’ll walk through the most important changes.

The Splunk Vulnerability Disclosure SVD-2022-0604 published the existence of an attack where the dashboards in certain Splunk Cloud Platform and Splunk Enterprise versions may let an attacker inject risky search commands into a form token.

The popularity of freelancing has continued to rise in the United States. In fact, a majority of organizations in America have worked with freelancers and plan to hire them again, according to data from the LinkedIn Workforce Report. In the post-pandemic world, there are a massive and growing number of digital nomads, people who choose to travel while working remotely from anywhere in the Internet-connected world.

In April 2022, a medical billing company based in New York became the victim of a serious ransomware attack. Bad actors stole personal and financial data of patients from 26 healthcare institutions who were the company’s clients. The billing company had to notify almost 1 million individuals that their data had been stolen. Over the last few years, organizations and fintechs that process payments for healthcare providers have become a hot target for cyber attacks.

If you’re helping shape application security in an organization, whether as an external security consultant or vendor, or as part of an internal security team, it is critical to work effectively with developers. While a lot of individuals have an interest and stake in security, and many have a significant role to play, developers who write code and fix flaws determine whether application security initiatives succeed or fail.

Fleet operations today revolve around data. Telematics systems, connected cars, and similar IoT systems provide fleet managers with a wealth of information, but this connectivity also raises security concerns. As data breach costs reach their highest point in decades, accounting for vulnerabilities in organizations’ data becomes increasingly crucial. Data-rich and notoriously difficult-to-secure fleets are no exception.

DevOps and modern engineering have enabled us to provide higher quality code at greater speeds by introducing guardrails and checks into our automated continuous integration (CI) and continuous deployment (CD) processes.

Supply chain disruptions have had a devastating impact on the global economy. Suppliers and consumers feel the sting from rampant inflation to product shortages and factory closures. One leading cause of supply chain disruption — a dramatic increase in cyberattacks — is a significant concern for CXOs and IT executives.

On September 14, the White House released Executive Order M-21-30, emphasizing and reminding us that there are NIST guidelines for securing any software being sold to the US Government. According to the Executive Order (EO), self-attestation is a requirement for software vendors or agencies and acts as a “conformance statement” outlined by the NIST Guidance.

MDR (Managed Detection and Response) is a type of cybersecurity service that combines advanced threat detection technologies with human expertise to provide continuous monitoring and rapid response to cyber threats. These services involve a team of cybersecurity experts who monitor an organization’s network and endpoints in real-time using advanced security tools, such as threat intelligence, machine learning, and behavioral analytics.