Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Snyk

Developer Driven Workflows - Dockerfile & image scanning, prioritization, and remediation

Mar 25, 2021 By Eric Smalling In Snyk

When deploying applications in containers, developers are now having to take on responsibilities related to operating system level security concerns. Often, these are unfamiliar topics that, in many cases, had previously been handled by operations and security teams. While this new domain can seem daunting there are various tools and practices that you can incorporate into your workflow to make sure you’re catching and fixing any issues before they get into production.

Read Post

How To: Build and Maintain a DevSecOps Culture

Mar 25, 2021 By Snyk In Snyk
DevSecOps is the process of integrating secure development best practices and methodologies into development and deployment processes. Reliant on the fast development and delivery of agile software, businesses cannot afford to miss a step when it comes to keeping pace with the competition. However, when the next security breach is a matter of ‘when’ not ‘if,’ organizations are also ill-fated if they fail to ensure that their DevOps processes are just as secure as they are speedy.
View Video

How Twilio Scaled through Dev-First Security and DevSecOps

Mar 22, 2021 By Snyk In Snyk
As more organizations leverage cloud native technologies such as Kubernetes, IaC, containers and serverless – shifting left and adopting DevSecOps is a must-do. But how does it actually work in practice? Meet Twilio; a billion dollar unicorn that has mastered dev-first security. In this session, you’ll hear from Twilio’s Head of Product Security on how he built and runs an application security program that maintains high velocity outputs.
View Video

Integrating security automation in modern application development environments

Mar 18, 2021 By Snyk In Snyk
Automating security has become fundamental to supporting the speed-to-market requirements of modern application development environments. In this video, you will hear from the security teams at Skyscanner and Red Venture on how they are automating application security as part of their application development environments, thus helping their development teams to prioritize and remediate vulnerabilities more effectively.
View Video
Snyk

Backstage integration with the Snyk API

Mar 17, 2021 By Matt Jarvis, Padraig O'Brien In Snyk

Backstage began life as an internal project at Spotify and was released as an open-source project in 2020. Its original intention was to be a central location where the company had a registry of all software they had in production but has since evolved into a much more advanced platform, including a plugins system that helps users extend the platform. This plugin system is a significant reason for Backstages success and drove adoption within the company.

Read Post
Snyk

Automate container security with Dockerfile pull requests

Mar 16, 2021 By Danielle Inbar In Snyk

Integration with your source code managers and issuing pull requests to fix issues has been part of Snyk’s success in helping our customers fix application dependencies for several years. Now, we want to help you address container security in a similar way. We’re happy to share that we are extending Snyk Container by helping you automatically fix issues in your Dockerfile to keep an up-to-date base image at all times.

Read Post
Snyk

Defining Developer-first Container Security

Mar 16, 2021 By Jim Armstrong In Snyk

Have you shifted left, yet? That’s the big trend, isn’t it? It’s meant to signal a movement of security responsibilities, moving from central IT teams over to developers, but that’s trickier than it sounds. Simply taking tools that are intended for use by security experts and making them run earlier in the supply chain does not provide developers with meaningful information.

Read Post
Snyk

Solving Java security issues in my Spring MVC application

Mar 15, 2021 By Brian Vermeer In Snyk

The Spring MVC framework is a well-known Java framework to build interactive web applications. It implements the Model-View-Controller architecture pattern to separate the different aspects of your application. Separating the different logic elements like representation logic, input logic, and business logic is generally considered good architectural practice.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.