We’re excited to announce that infrastructure as code (IaC) and container security are joining code and open source dependency security in the free Snyk plugin for JetBrains IDEs. As of today, developers using JetBrains IDEs can secure their entire application with a click of a button. Snyk Security for JetBrains increases code security and reduces time spent on manual code reviews by empowering developers to find and fix issues within their JetBrains IDEs.

Developers take a lot of pride in their work. We strive to consistently deliver the best code and avoid dangerous edge-cases. Which is why we aim to detect and remediate bugs before they ship through testing and code reviews. However, when it comes to security, sometimes we fall flat. When a team lacks the proper security tooling, it can stunt development, create extra work, and deliver dangerous security defects to clients and end-users.

The PCI certification process is quite comprehensive and relates to infrastructure, software and employee access to systems, in particular to datasets and the way that they are accessed. These checks are critical not only to the wider payments industry but also to create a level of trust with users knowing their data is protected. The PCI compliance process is a number of checks, usually by an accredited third party, to ensure that secure data handling processes are in place.

In application development, security plays an increasingly more prevalent role in protecting infrastructure and data, and ensuring a high level of user trust. Recently, Snykers Vandana Verma Sehgal and DeveloperSteve hosted a panel discussion with seasoned industry experts who shared their insights about exactly when security should be brought into app development.

We’ve seen a massive increase in the number of open source packages created and used in the wild during the past few years. These days every ecosystem has its package manager, and almost every package manager has its hidden gems and configurations. That said, as developers continuously install an ever-expanding number of packages, attackers gain interest in the packages’ attack surfaces. Then, the journey to craft the perfectly hidden malicious package begins.

Our diverse global Snykers are united by our core values. In addition to building a strong business, we also collectively lead with passion and empathy for each other, our customers, the communities where we live and work, and our planet as a whole. To paraphrase Dr. King, we believe that a threat to freedom or justice anywhere threatens these innate rights everywhere. Today, as the Ukrainian people are being affected directly, we are all affected indirectly.

As technology folks, we are often under a lot of pressure to fix some deployed code, update an infrastructure component, or patch some code. Often it’s with little notice and needs to be done 5 minutes ago. The gamble with any “zero turnaround” is the rush to fix now vs. taking the time to test and check.

Here’s the story of how a regular project management task resulted in me opening a pull request to an open source repository on GitHub. As a new member of Snyk’s Marketing team, I was recently involved in the preparation for The Big Fix, an event that brings together developers, DevOps, and security practitioners of all skill levels to help make the internet more secure by fixing vulnerabilities while having fun and being rewarded with swag.

Snyk is proud to launch a new Global Service Provider program designed to give leading solution providers the resources they need to bring our developer-first tools and methodologies into their services and support customers on their DevSecOps journey. We designed this program to support our service delivery partners in building services around Snyk, whether for outsourced application development, helping customers achieve their DevSecOps goals, or supporting their cloud native journey.

Over the last few years, the “idea that every company is a technology company a fundamental shift in our industry” (Suzie Prince, Head of Product, DevOps, Atlassian). The sheer dominance of development as a craft has led to a bigger audience and a much louder voice that centers on the developer perspective.