Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Patch management is the centralized control and automation of the patch deployment process — deploying patches — to multiple devices, operating systems, firmware, software and hardware endpoints in the IT network. But vulnerabilities are increasing at unseen rates. Over 65,000 new vulnerabilities in existing IT systems were discovered in 2022, which is a 21% increase from 2021. And that makes patch management all the more important.

Many, if not all, SOAR solutions in the market tout case management within their offerings. It’s a hard requirement for most analysts because it’s essential for their job. But those same analysts are burnt out and overwhelmed by high volumes of alerts, and they struggle to work through the near- endless backlog of tickets. When they look for alternatives, security teams are stuck between choosing good automation or good case management.

As we approach the second half of 2023, both security and development teams are seeing seismic shifts in the application security world. AI is powering a productivity revolution in development, enabling developers of all types (and even non-developers) to introduce code faster than ever. Meanwhile, it’s more difficult than ever for developers and AppSec professionals to identify and prioritize true risk to the business.

We are excited to announce that Snyk Learn, our developer-first cybersecurity education platform, is now aligned with the National Institute of Standards and Technology's (NIST) National Initiative for Cybersecurity Education (NICE) Framework.

Today, we’re excited to launch a few new features as part of our ongoing efforts in our Software Supply Chain Security solution. These developer-first tools help you gain a better understanding of your app’s supply chain, identify potential risks, and take the necessary steps to get ahead of them.

Modern applications are built, deployed and, run in increasingly complex and dynamic environments. Assessing and prioritizing the security issues introduced by these applications without taking this context into account inevitably leads to focusing remediation efforts on the wrong set of issues. This not only results in real risk slipping under the radar but also wastes the valuable time of developers, increasing their frustration and eroding their trust in security.

As we approach the second half of 2023, both security and development teams are seeing seismic shifts in the application security world. DevOps practices continue to evolve, meaning that developers are introducing code more and more rapidly, andwith the help of AI, developers of all kinds are able to create code faster than ever. Plus, apps aren’t just made up of first-party code and third-party dependencies anymore.

In the ever-evolving cybersecurity landscape, staying ahead of potential threats is crucial. Attack Surface Intelligence (ASI) is vital in identifying vulnerabilities and mitigating risks. This blog post will discuss the latest data updates in ASI and the exciting developments within our threat research group.