Snyk is excited to announce general availability of Snyk Apps, a framework for building and distributing custom security solutions to better inform security decisions and boost developer productivity. As Snyk Apps reaches this milestone, Snyk’s Technology Alliance Partnership Program (TAPP) has more than 70 members today.

This blog post series offers a gentle introduction to Rego, the policy language from the creators of the Open Policy Agent (OPA) engine. If you’re a beginner and want to get started with writing Rego policy as code, you’re in the right place. In this three-part series, we’ll go over the following: As a reminder, Rego is a declarative query language from the makers of the Open Policy Agent (OPA) framework.

We are thrilled to announce that Snyk, a leading provider of cloud native application security solutions, has achieved the prestigious AWS Security Competency status. The AWS Security Competency validates Snyk's deep security expertise and commitment to delivering a comprehensive application security solution for modern organizations building and running their applications on the Amazon Web Services (AWS).

Most cloud providers use a shared security responsibility model, meaning they secure some areas of the environment but expect the customer to establish security controls in others. AWS is one of the many cloud providers that follow the concept of shared responsibility. Generally speaking, they split responsibility into two categories. AWS focuses on the security of the cloud, such as the infrastructure that runs all AWS services.

Modern applications are made up of more than first-party code and third-party dependencies. Even a single application links back to a vast ecosystem of cloud environments, containers, third-party base images, and automated container orchestration. Along with the ability to build applications faster, developers also need to secure code and associated dependencies, deployment configuration, and containers running in production.