Snyk

How to publish Node.js Docker images to Docker Hub registry using GitHub Actions

Aug 9, 2021 By Liran Tal In Snyk

In a previous post, we presented a step-by-step tutorial on how to publish Node.js Docker images to GitHub Packages registry using GitHub Actions. In this post, we’ll focus on publishing the Docker image that we build to the public Docker Hub registry. Why is this useful you might ask? The Docker command line application docker has a default registry setting for docker.io which points to the Docker Hub registry.

Read Post

Snyk

Read more about How to publish Node.js Docker images to Docker Hub registry using GitHub Actions

Getting started with Snyk for secure Python development

Aug 4, 2021 By Daniel Berman In Snyk

If you’re a Python developer looking to easily secure your applications, you’re in the right place! Snyk helps you secure all the code making up your Python app — your own code, the open source libraries you’re pulling in, your containers, and your infrastructure as code (IaC) — by integrating seamlessly into your existing development workflows.

Read Post

Snyk

Read more about Getting started with Snyk for secure Python development

The best security advice from 100 episodes of The Secure Developer podcast

Aug 2, 2021 By Sam Hepburn In Snyk

Technology, culture, and process all have to change to ensure safe software is delivered faster. It’s a lot to tackle. But you don’t have to do it alone. The Secure Developer, a podcast from Snyk’s founder Guy Podjarny, just hit 100 episodes of thought-provoking conversations with security experts at a wide cross-section of companies.

Read Post

Snyk

Read more about The best security advice from 100 episodes of The Secure Developer podcast

Are We Forever Doomed By Software Supply Chain Risks? Cyber Week Israel 2021, Liran Tal

Aug 1, 2021 By Snyk In Snyk

The adoption of open-source software continues to grow and creates significant security concerns for everything from software supply chain attacks in language ecosystem registries to cloud-native application security concerns. In this session, we will explore how developers are targeted as a vehicle for malware distribution, how immensely we depend on open-source maintainers to release timely security fixes, and how the race to the cloud creates new security concerns for developers to cope with, as computing resources turn into infrastructure as code.

View Video

Snyk

Read more about Are We Forever Doomed By Software Supply Chain Risks? Cyber Week Israel 2021, Liran Tal

Snyk report shows Java ecosystem is more relevant than ever

Jul 30, 2021 By Snyk In Snyk

After more than 25 years, Java is still one of the most popular open source programming languages in the world. To provide more insights into how Java and the JVM ecosystem are used amongst the developer community, Snyk has launched the Java ecosystem report 2021.

Read Post

Snyk

Read more about Snyk report shows Java ecosystem is more relevant than ever

Snyk Code adds security scanning for C# and .NET

Jul 29, 2021 By Frank Fischer In Snyk

As a quick note, I have a personal history with .NET, including time working at Microsoft as a .NET evangelist. And I’ve briefly met Anders Jejlsberg, the designer of C# and Typescript, so this blog is a bit personal for me. We are happy to announce that Snyk Code scans for security vulnerabilities and provides remediation suggestions for yet another language: C#. This adds a major language to our portfolio which includes support for Java, JavaScript, TypeScript, and Python.

Read Post

Snyk

Read more about Snyk Code adds security scanning for C# and .NET

The Simplest way to Secure your Java Maven Project

Jul 29, 2021 By Snyk In Snyk

Can I scan for security vulnerabilities using Maven? How can I integrate security scanning in my Maven build? How to monitor for security vulnerabilities with every Java build? Scanning the dependencies for known security vulnerabilities in your project is essential. The ideal time to start checking your dependencies is the very moment you import them! To that end, we created the Snyk Maven plugin so you can now scan your application for security vulnerabilities in third-party libraries as part of your build cycle—putting security expertise in the hands of developers.

View Video

Snyk

Read more about The Simplest way to Secure your Java Maven Project

Announcing Social Trends: Use social media for security intelligence

Jul 28, 2021 By Daniel Berman In Snyk

We are excited to announce the availability of Social Trends, adding social media intelligence (SOCMINT) to Snyk’s vulnerability data to help development and security teams prioritize vulnerabilities more effectively. Given the size of vulnerability backlogs facing organizations today, finding and fixing security vulnerabilities in a timely manner is a monumental task. There simply are not enough hands on deck to triage and tackle all the vulnerabilities on the list.

Read Post

Snyk

Read more about Announcing Social Trends: Use social media for security intelligence

Kubernetes Quick Hits: Use SecurityContext to drop unnecessary Linux Capabilities

Jul 28, 2021 By Snyk In Snyk

In this episode of our Kubernetes Quick Hits video series, Eric Smalling–Sr. Developer Advocate at Synk– talks about Linux Capabilities and why you probably can run with none of them enabled. Linux Capabilities is item number six from our recently published cheatsheet, 10 Kubernetes Security Context settings you should understand, check it out and start securing your Kubernetes application deployments today!

View Video

Snyk

Read more about Kubernetes Quick Hits: Use SecurityContext to drop unnecessary Linux Capabilities

SAST tools speed comparison: Snyk Code vs SonarQube and LGTM

Jul 22, 2021 By Frank Fischer In Snyk

We’ve been asked to provide a comparison of scan times between Snyk Code and two common SAST tools: LGTM and SonarQube. For our research, we made several assumptions, but we’ve shared the details in order to be transparent.

Read Post

Snyk

Read more about SAST tools speed comparison: Snyk Code vs SonarQube and LGTM

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Snyk

How to publish Node.js Docker images to Docker Hub registry using GitHub Actions

Getting started with Snyk for secure Python development

The best security advice from 100 episodes of The Secure Developer podcast

Are We Forever Doomed By Software Supply Chain Risks? Cyber Week Israel 2021, Liran Tal

Snyk report shows Java ecosystem is more relevant than ever

Snyk Code adds security scanning for C# and .NET

The Simplest way to Secure your Java Maven Project

Announcing Social Trends: Use social media for security intelligence

Kubernetes Quick Hits: Use SecurityContext to drop unnecessary Linux Capabilities

SAST tools speed comparison: Snyk Code vs SonarQube and LGTM

Monthly Archive

Follow Us