Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Snyk

Snyk

Infrastructure drift and drift detection explained

Mar 9, 2022 By Lauren Place In Snyk

Expectations do not always line up with reality. If you’ve started using infrastructure as code (IaC) to manage your infrastructure, you’re already on your way to making your cloud provisioning processes more secure. But there’s a second piece to the infrastructure lifecycle — how do you know what resources are not yet managed by IaC in your cloud? And of the managed resources, do they remain the same in the cloud as when you defined them in code?

Read Post
Snyk

"Dirty Pipe" Linux vulnerability and your containerized applications (CVE-2022-0847)

Mar 9, 2022 By Eric Smalling In Snyk

Recently, CVE-2022-0847 was created detailing a flaw in the Linux kernel that can be exploited allowing any process to modify files regardless of their permission settings or ownership. The vulnerability has been named “Dirty Pipe” by the security community due to its similarity to “Dirty COW”, a privilege escalation vulnerability reported in CVE-2016-5195, and because the flaw exists in the kernel pipeline implementation.

Read Post

Mitigating Risks in Software Supply Chain

Mar 8, 2022 By Snyk In Snyk
By 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains (Gartner) which are only becoming increasingly complex due to the changes in how modern software is built. These trends, together with new federal regulations, require organizations to take action to ensure the security and integrity of their software. But this is easier said than done.
View Video
Snyk

Simplifying container security with Snyk's security expertise

Mar 8, 2022 By Hadas Bloom In Snyk

The most beautiful and inspiring aspect about open source code is, well, that it’s open source. We can look at open source packages like gifts that are exchanged between developers across the engineering world, allowing them to learn from the work other people do, contribute their own expertise, and grow their professional capabilities. Contributing to open source is much appreciated, and it is important to remember not only to benefit from these projects, but also to contribute back.

Read Post
Snyk

Welcoming TopCoat to Snyk

Mar 7, 2022 By Carey Stanton, Seth Rosen In Snyk

We’re excited to announce that Snyk and TopCoat are joining forces. TopCoat and its founders — Seth and Josh Rosen — are well established and respected in the data analytics space. They’ve built a powerful data analytics platform that simplifies building data applications through an integration with dbt, allowing data analysts and engineers to quickly create highly customized data reporting and visualizations.

Read Post

Are We Forever Doomed By Software Supply Chain Risks?

Mar 7, 2022 By Snyk In Snyk
The adoption of open-source software continues to grow and creates significant security concerns for everything from software supply chain attacks in language ecosystem registries to cloud-native application security concerns. In this session, we will explore how developers are targeted as a vehicle for malware distribution, how immensely we depend on open-source maintainers to release timely security fixes, and how the race to the cloud creates new security concerns for developers to cope with, as computing resources turn into infrastructure as code.
View Video
Snyk

Snyk and Bitbucket best practices cheat sheet

Mar 3, 2022 By Marco Morales In Snyk

As the partnership between Snyk and Atlassian continues to grow, we decided to put together a best practices cheat sheet to help you make the most of our integration with Bitbucket. This will help you use Bitbucket more securely to manage and store your code, as well as continuously monitor your code and dependencies for potential vulnerabilities using Snyk. Here are the seven best practices we’ll discuss in this post: Download the cheat sheet

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.