Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Snyk

Snyk

Introducing the new Snyk UI

Sep 28, 2022 By Steve Winton In Snyk

Starting October 12th, 2022 we’ll be rolling out some exciting new user interface changes for the Snyk application, at app.snyk.io. These changes make use of the Snyk design system by incorporating standardized UI components, an updated color palette, and other elements to help you get even more from Snyk. In this blog post, we’ll walk through the most important changes.

Read Post

Introduction to OWASP's Vulnerable Node.js Apps: Part 1 | Snyk

Sep 28, 2022 By Snyk In Snyk
Introduction to OWASP's Vulnerable Node.js Apps During this livestream we give an introduction to a vulnerable Node.js application created by the OWASP organization. We also show how some of the OWASP Top 10 security risks apply to web applications, and also how to mitigate these concerns. Didn't catch the live stream? Ask all of your Snyk questions and we’ll do our very best to answer them in the comment section.
View Video

Stranger Danger: Your Java Attack Surface Just Got Bigger

Sep 28, 2022 By Snyk In Snyk
Building Java applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome, you're a cloud native application developer! As developers, our responsibility broadened, and more software means more software security concerns for us to address.
View Video
Snyk

Supply chain security and Executive Order M-21-30

Sep 28, 2022 By Vandana Verma In Snyk

On September 14, the White House released Executive Order M-21-30, emphasizing and reminding us that there are NIST guidelines for securing any software being sold to the US Government. According to the Executive Order (EO), self-attestation is a requirement for software vendors or agencies and acts as a “conformance statement” outlined by the NIST Guidance.

Read Post
Snyk

Explaining the csurf vulnerability: CSRF attacks on all versions

Sep 21, 2022 By Brian Clark In Snyk

On September 11th, 2022, Snyk published a vulnerability report for the popular CSRF token management csurf npm package. The vulnerability impacts all known versions, which are currently yielding more than 400,000 downloads per week. The vulnerability report is based on the public disclosure by security consultant Adrian Tiron and their write-up on the Fortbridge blog.

Read Post
Snyk

Looking back at Black Hat USA 2022

Sep 21, 2022 By Vandana Verma In Snyk

For the past few days, I’ve been getting a lot of messages asking about my experience at this year’s Black Hat USA. So in this post, I’ll be recapping the conference to give you an inside look at what was presented and provide some helpful perspective. Black Hat is one of the largest — and most talked about — cybersecurity conferences. Its inception dates back to 1997.

Read Post

Stranger Danger: Your Java Attack Surface Just Got Bigger

Sep 21, 2022 By Snyk In Snyk
Building Java applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome, you're a cloud native application developer! As developers, our responsibility broadened, and more software means more software security concerns for us to address.
View Video

Meet the Best Hackers: Shuchita Mishra and Parth Shukla | SnykWeek Boston

Sep 21, 2022 By Snyk In Snyk
During SnykWeek Boston, Shuchita Mishra and Parth Shukla were crowned the best hackers by fixing the most vulnerabilities during our fix challenge. Check out our interview with them to learn about the passion for developer security and what they loved most about Snyk.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.