In this, the first of our series of our Kubernetes Quick Hits videos, Eric Smalling–Sr. In less than five minutes, you understand why you need to *not* run your containers as root and what to do about it if you are. Snyk helps software-driven businesses develop fast and stay secure. In addition to container security scans, Snyk can continuously monitor to find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

How can I do security in IntelliJ? Is there a security code scanner for IntelliJ? How can I test for security in Java? Is there a Snyk plug-in for IntelliJ? Make sure to subscribe so you don't miss new content! We know that IntelliJ IDEA is the most favorite and commonly used IDE in the Java landscape and a lot of developers practically live in their integrated development environment (IDE). A good IDE is like a swiss army knife; it is your go-to tool to do almost everything. Let’s see how we can integrate security and secure development into IntelliJ IDEA using this new Snyk plugin.

Join us today as we chat with Stephen Allor, Global Head of Partners at Secure Code Warrior. If you haven’t come across Secure Code Warrior before, it’s a global security company that makes software development better and more secure.

Learn about insider threats that are amongst the top security threats to organisations. + What are insider threats in cyber security? + What types of insider threats are there? + What are the famous examples of insider threats? + What are the consequences of such threats? + How can insider threats be detected? + How to address insider threats?

Have a question you’ve been wanting to ask about security at scale, supply chain, or managing great security teams? Join our speakers, industry experts, and Datadog’s very own CISO for an AMA on the “Art of Defense.” We’ll explore all of the topics from the conference speaking sessions and open the door to questions on what we may see from attack and defense in 2021 and beyond.

OWASP API security top 10 is an API security project that focuses on strategies and solutions to understand and mitigate the unique vulnerabilities and security risks of Application Programming Interfaces (APIs). Through community-led projects globally, it is a great source for tools, resources, education & training for developers and technologists to secure the web and mobile applications. This community has also produced some of the best testing guides, cheat sheets, methodologies and a lot of community work for which all of us are grateful.

Open source modules on the NPM ecosystem are undoubtedly awesome. However, they also represent an undeniable and massive risk, since you’re introducing someone else’s code into your system, often with little or no scrutiny. The wrong package can introduce critical vulnerabilities into your application, exposing your application and your user's data. This talk will use a sample application, Goof, which uses various vulnerable dependencies, which we will exploit as an attacker would. For each issue, we'll explain why it happened, show its impact, and—most importantly—learn how to avoid or fix it.

From day one, most organizations,especially the big ones, are targeted with a broad range of attacks. These range from information exfiltration attempts to fraud. Although a great majority of them can be addressed with the help of a Web Application Firewall, there are some that require more extensive tooling. Join me as I show you how we use Sherlock and Datadog to block 30,000+ fraudulent users per week in seconds. We will also discuss other applications and how you can implement similar solutions.

This policy setting determines whether the LDAP server requires LDAP clients to negotiate data signing. Using the default configuration of this value allows LDAP clients to communicate with Active Directory in an insecure fashion.