Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Snyk

Testing for PHP Composer security vulnerabilities with Snyk

May 20, 2021 By DeveloperSteve In Snyk

PHP is used extensively to power websites. From blogging to ecommerce, it’s embedded in our everyday lives and powers much of the internet we use today. According to a Wappalyzer report on top programming languages of 2020, PHP has a 79% market share of backend languages used on the internet today. One of the biggest challenges with PHP libraries over the years has been package management. There have been a few ways to easily install and maintain libraries including PECL, CPAN.

Read Post

Hardened Access - Dual Authorization for Roles & Per-session MFA with Yubikeys

May 20, 2021 By Teleport In Teleport
This webinar is a deep dive into how companies can harden access to Teleport with two new features in Teleport 6.1 These include creating dual & multi Authorization rules, requiring multiple team members to approve role escalation. This is an important FedRAMP control ( AC-3 ) and increasing the visibility and audibility for access. We’ll show how you can enforce per session MFA with the aid of hardware tokens; reducing the scope and risk related to certificate exfiltration.
View Video

Trend Micro & Snyk - Better together

May 19, 2021 By Snyk In Snyk
This Trend Micro and Snyk talk gives an overview of what is open source is, including the growth, power and potential risk involved in using it to build and deploy cloud native applications. With visibility into open source vulnerabilities and license issues the first time sec ops professionals have visibility into potential vulnerabilities in open source components through . Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.
View Video

Keep OSS supply chain attacks off the menu: Tidelift catalogs + JFrog serve known-good components

May 18, 2021 By JFrog In JFrog
How does your organization keep track of all of the open source components being used to develop applications and ensure they are secure and properly maintained? Our recent survey data shows that the larger an organization gets, the less confident they are in in their open source management practices. In companies over 10,000 employees, 39% are not very or not at all confident their open source components are secure, up to date, and well maintained.
View Video
Snyk

Misconfigurations, known unpatched vulnerabilities, and Cloud Native Application Security

May 17, 2021 By Simon Maple In Snyk

Two weeks back, we published our annual State of Cloud Native Application Security report. If you haven’t seen it yet, here’s a TL;DR. We surveyed nearly 600 developers and security professionals to see how the shift to cloud native (digital transformation) has changed their security posture. Then we parsed the results, gleaned valuable insights, and put them in an interactive webpage.

Read Post
mend

Reducing Enterprise AppSec Risks: Ponemon Report Key Takeaways

May 13, 2021 By Julie Peterson In Mend

Ponemon Institute’s Reducing Enterprise Application Security Risks: More Work Needs to Be Done looks at the reasons why many enterprises consider the application layer to be the highest security risk. Ponemon Institute, in partnership with WhiteSource, surveyed 634 IT and IT security practitioners about their enterprises’ approach to securing applications.

Read Post
Snyk

Prevent cloud misconfigurations in HashiCorp Terraform with Snyk IaC

May 13, 2021 By Jim Armstrong In Snyk

We’re delighted to share new features of Snyk Infrastructure as Code (Snyk IaC) designed to support how Terraform users write, plan, and apply their configurations. With Snyk IaC, you can get immediate guidance on security configurations as you write, and scan your Terraform plans in your deployment pipelines to ensure your changes and complete configuration are safe.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.