Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A Day In the Life of a Fintech CISO - Chris Russell.

Learn about a new prolific vulnerability in an extremely popular package! We will dive in to the defective code as well as the fix!

Learn about The Big Fix campaign which Snyk is leading to help developers, and security practitioners fix security issues. Join us to get a sneak (snyk?) peak into the fun.

CISO Journey What is a like CISO role? what was it like an operational ciso v/s a field ciso? like rght now we are talking only about log4j issues and how it would have been for you. What would have been your strategy? Have you seen other field Cxo’s? What is one Unique thing, you are trying to implement? How different is this role from a regular CISO?

The Big Fix brings together developers, DevOps, and security practitioners of all skill levels to help make the internet more secure. Our goal is to make security 100x better in 2022 by finding and fixing 202,200 security vulnerabilities! Join us to help find (and fix!) security vulnerabilities while making friends and winning swag. In this short video we'll help you get started finding (and fixing!) security vulnerabilities in your applications -- it's easy!

As cloud-native technologies disrupt the Application Security (AppSec) market, forward-thinking enterprises are shifting their security to the left. A range of cutting-edge security platforms is now available, empowering developers to build secure applications within the development process. But what do secure applications look like, and why does it matter? Why are enterprises implementing security during the deployment phase?

We talk with the Claroty team and Daniel Stenberg, creator of curl, about URL Confusion Vulnerabilities.

Brian and Kyle chat with Johannes about the project!

On January 8, 2022, the open source maintainer of the wildly popular npm package colors, published colors@1.4.1 and colors@1.4.44-liberty-2 in which they intentionally introduced an offending commit that adds an infinite loop to the source code. The infinite loop is triggered and executed immediately upon initialization of the package’s source code, and would result in a Denial of Service (DoS) to any Node.js server using it.

Navigating the world of secure software development is hard. There is a lot of noise and not enough time to investigate everything thoroughly. Make your life and the lives of your colleagues easier by building a world-class DevSecOps automation pipeline. Automate feedback delivery in a way that makes sense. It doesn’t have to be hard; automate the pain away!