For most websites and apps, employing security-related HTTP headers has become standard practice. Websites use headers as part of HTTP requests and replies to convey information about a page or data sent via the HTTP protocol. They might include a Content-Encoding header to indicate that the content is a compressed zip file or a Location header to specify a redirect URL.
Microservices offer significant advantages compared to monoliths. You can scale the development more easily and have precise control over scaling infrastructure. Additionally, the ability to make many minor updates and incremental rollouts significantly reduces the time to market. Despite these benefits, microservices architecture presents a problem — the inability to access its services externally. Fortunately, an API gateway can resolve this issue.
Most developers aren’t security experts. This isn’t because we don’t care about security, it’s just that there are only so many hours in the day and features come first. Fortunately, developers don’t need to be security experts to build secure apps — they just need the right tools.
Controlling and filtering traffic when containerizing a workload within Kubernetes Pods is just as crucial as a firewall in a more traditional network setup. The difference is that, in this scenario, those capabilities are provided by the Kubernetes NetworkPolicy API. This article will explore Kubernetes NetworkPolicy by creating an example network policy and examining its core parameters. Then, we’ll look at some common NetworkPolicy use cases and learn how to monitor them using kubectl.
After a two-year hiatus (virtual in 2020 and hybrid in 2021), AWS re:Invent was back in person this year in its full glory. Over 52,000 people attended — more than we saw at RSA (26,000) and Blackhat USA (21,000) combined this year.
The holiday season is the perfect time to rewatch some favorite festive movies! While some prefer their holiday movies to be as sappy as possible (Hallmark, we’re looking at you), others relish the annual opportunity to watch an 8-year-old boy exact his revenge on two bumbling bad guys in the 1990 classic Home Alone.
On December 8th, Clinton Herget and Simon Maple, Field CTOs at Snyk, had the opportunity to chat with Corey Quinn, Chief Cloud Economist at The Duckbill Group, podcast host, curator of “Last Week in AWS”, and snarky Twitter personality. Their conversation took a lot of fun turns, from ranting about the hour-long line to get coffee at AWS re:Invent, to Corey proclaiming that “SBOMs are a fantasy” (there’s more context to that… keep reading).
In our latest Snyk in 30, Jason Lane (Director of Product Marketing) and I (Marco Morales, Partner Solutions Architect) showcased Snyk Open Source with a focus on our integration with Bitbucket Cloud. They covered why open source security is vital for modern app development, along with tips on taking a holistic approach to application security that goes beyond just shifting left.
In early November, a new authorization bypass vulnerability was found in Spring Security 5. Now, before we panic let’s look into this problem to see if you are vulnerable. Although the vulnerability is classified as high, there is only a specific set of use cases that are vulnerable. This means that not everyone is vulnerable, and I will show that in a second. Regardless, the advice is to upgrade to the newer version of the Spring Security.
Live conferences are finally back, and the 11th annual AWS re:Invent did not disappoint. After a virtual 2020 and an in-person reduced-sized edition in 2021, there were more than 52,000 (yes — 52,000!) smiling faces milling about this year’s conference in Las Vegas. As per usual, re:Invent was full of exciting product news and updates. Here are the major announcements that got our attention and some of the things Snyk was up to in Vegas.
