%term

Build a software bill of materials (SBOM) for open source supply chain security

Mar 14, 2022 By Liran Tal In Snyk

More than ever, developers are building web applications on the foundations of open source software libraries. However, while those libraries make up the software bill of materials (SBOM) components inventory, not all developers and business stakeholders understand the significant impact on open source supply chain security that stems from including 3rd party libraries.

Read Post

Snyk

Read more about Build a software bill of materials (SBOM) for open source supply chain security

Announcing Snyk free security for open source projects

Mar 14, 2022 By Snyk In Snyk

Snyk announces expanded free offerings for open source project maintainers including unlimited scans across our platform and additional features. Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

View Video

Snyk

Read more about Announcing Snyk free security for open source projects

This Week in VulnDB - 10th March 2022

Mar 10, 2022 By Snyk In Snyk

Welcome to This Week in VulnDB, Each episode we will look through some of the newer vulnerabilities in the Snyk vulnerability database, looking at emerging trends in attack vectors appearing in programming languages, platforms and ecosystems.

View Video

Snyk

Read more about This Week in VulnDB - 10th March 2022

A Day In The Life of A Service Company CISO - Caroline Wong

Mar 10, 2022 By Snyk In Snyk

Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

View Video

Snyk

Read more about A Day In The Life of A Service Company CISO - Caroline Wong

How to Mitigate the Risks of Software Supply Chain Security

Mar 10, 2022 By Snyk In Snyk

In this video, Lawrence Crowther, Head of Solutions Engineering at Snyk, and Pas Apicella, Principal Solutions Engineer at Snyk, discuss the ways to mitigate risks in software supply chain security.

View Video

Snyk

Read more about How to Mitigate the Risks of Software Supply Chain Security

Infrastructure drift and drift detection explained

Mar 9, 2022 By Lauren Place In Snyk

Expectations do not always line up with reality. If you’ve started using infrastructure as code (IaC) to manage your infrastructure, you’re already on your way to making your cloud provisioning processes more secure. But there’s a second piece to the infrastructure lifecycle — how do you know what resources are not yet managed by IaC in your cloud? And of the managed resources, do they remain the same in the cloud as when you defined them in code?

Read Post

Snyk

Read more about Infrastructure drift and drift detection explained

"Dirty Pipe" Linux vulnerability and your containerized applications (CVE-2022-0847)

Mar 9, 2022 By Eric Smalling In Snyk

Recently, CVE-2022-0847 was created detailing a flaw in the Linux kernel that can be exploited allowing any process to modify files regardless of their permission settings or ownership. The vulnerability has been named “Dirty Pipe” by the security community due to its similarity to “Dirty COW”, a privilege escalation vulnerability reported in CVE-2016-5195, and because the flaw exists in the kernel pipeline implementation.

Read Post

Snyk

Read more about "Dirty Pipe" Linux vulnerability and your containerized applications (CVE-2022-0847)

Mitigating Risks in Software Supply Chain

Mar 8, 2022 By Snyk In Snyk

By 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains (Gartner) which are only becoming increasingly complex due to the changes in how modern software is built. These trends, together with new federal regulations, require organizations to take action to ensure the security and integrity of their software. But this is easier said than done.

View Video

Snyk

Read more about Mitigating Risks in Software Supply Chain

Simplifying container security with Snyk's security expertise

Mar 8, 2022 By Hadas Bloom In Snyk

The most beautiful and inspiring aspect about open source code is, well, that it’s open source. We can look at open source packages like gifts that are exchanged between developers across the engineering world, allowing them to learn from the work other people do, contribute their own expertise, and grow their professional capabilities. Contributing to open source is much appreciated, and it is important to remember not only to benefit from these projects, but also to contribute back.

Read Post

Snyk

Read more about Simplifying container security with Snyk's security expertise

Welcoming TopCoat to Snyk

Mar 7, 2022 By Carey Stanton, Seth Rosen In Snyk

We’re excited to announce that Snyk and TopCoat are joining forces. TopCoat and its founders — Seth and Josh Rosen — are well established and respected in the data analytics space. They’ve built a powerful data analytics platform that simplifies building data applications through an integration with dbt, allowing data analysts and engineers to quickly create highly customized data reporting and visualizations.

Read Post

Snyk

Read more about Welcoming TopCoat to Snyk

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Build a software bill of materials (SBOM) for open source supply chain security

Announcing Snyk free security for open source projects

This Week in VulnDB - 10th March 2022

A Day In The Life of A Service Company CISO - Caroline Wong

How to Mitigate the Risks of Software Supply Chain Security

Infrastructure drift and drift detection explained

"Dirty Pipe" Linux vulnerability and your containerized applications (CVE-2022-0847)

Mitigating Risks in Software Supply Chain

Simplifying container security with Snyk's security expertise

Welcoming TopCoat to Snyk

Monthly Archive

Follow Us