Untangling the secrets of your JavaScript Dependencies During this livestream we are joined by API lead and Node j.s expert Thomas Gentilhomme. We dive into topics ranging from, Thomas' background and experience to untangling the secrets of your dependencies, and even test an example of NPM packages. Didn't catch the live stream? Ask all of your Snyk questions and we’ll do our very best to answer them in the comment section.

Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

What is a bug bash? What is the value? How can you run one within your company? We share how to plan a Bug Bash, as well as best practices from customers who've been running these. We will also provide a check list and other resources.

Building JavaScript applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome - you're a cloud native application developer! As developers, our responsibility has broadened, and more software means more software security concerns for us to address.

Learn tips and tricks on how to implement, troubleshoot and scale deployments. For example, should you scan in the CICD or in SCM? What implementation methods should you use - plugin, npm, binary…? We will cover this and more. Host: Sebastian Roth, Senior Solutions Engineer Seb brings his expertise as a Principal Software Engineer & Team Lead for over 17 years into the DevSecOps community, where he now focuses on process improvements and shares best-practices to improve security posture.

In this livestream we are joined by Adolfo Veytia, Staff Software Engineer at ChainGuard and Tech Lead on the Kubernetes SIG-Release team, as we talk about they were able to tackle signing all of the Kubernetes v1.24 image artifact using Sigstore. We then demonstrate signing an image and vulnerability scan result attestations with Sigstore's cosign utility. Didn't catch the live stream? Ask all of your Snyk questions and we’ll do our very best to answer them in the comment section.

Snyk has a new and improved Bitbucket Cloud App. The new Snyk Security for Bitbucket Cloud App features the same Bitbucket experience with a streamlined onboarding process and improved enterprise functionality. Here's how to migrate your existing Snyk as Bitbucket Cloud App (Legacy)—to the new Bitbucket Cloud App integration.

Building Java applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome, you're a cloud native application developer! As developers, our responsibility broadened, and more software means more software security concerns for us to address.

In this livestream we dive into the latest set of malicious packages discovered by the Snyk security research team. We are joined by senior security researcher at Snyk Raul Onitza-Klugman as we also discuss how these findings came to be, what they mean for open source security, and some hypotheses about the future of supply chain security. Didn't catch the live stream? Ask all of your Snyk questions and we’ll do our very best to answer them in the comment section.

Building JavaScript applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome - you're a cloud native application developer! As developers, our responsibility has broadened, and more software means more software security concerns for us to address.