In today’s ever changing cyber risk landscape, your organization must adopt a vulnerability management framework to control exposure and remediate risks in a timely manner. In an earlier blog, we explained the vulnerability management process. Here, we explore a key part of that process – vulnerability monitoring – in greater depth.
We are thrilled to announce that Snyk has achieved Red Hat Vulnerability Scanner Certification, making it one of the few security platforms to receive this certification from Red Hat. This achievement demonstrates Snyk’s ongoing commitment to providing our customers with the highest level of security assurance for their applications.
Snyk recently hosted a half-day virtual event focused on security for application workloads running on AWS (you can catch it on demand here). The event was broken into six sessions spanning topics like developer challenges in cloud-native AppDev, top vulnerabilities from last year, hands-on workshops with industry-leading technology vendors, and several other subjects that help enable engineering and security teams to build a successful DevSecOps workflow.
Recent research from penetration testing company NetSPI found that Azure on-premises data gateways allow Power Platform and Power BI to access customer resources and databases. Threat researchers found that these gateways can communicate with Power Platform through an Azure service called Azure Relay (previously known as Azure Service Bus).
Supply chain attacks are one of the top concerns for any organization as they exploit (no pun intended) the inherited trust between organizations. Recent examples of similar attacks include SolarWinds and Kaseya. On March 29th, a new supply chain attack was identified targeting 3CX, a VoIP IPXS developer, with North Korean nation-state actors as the likely perpetrators.
At Snyk, we think of developers as citizens of a special community. In that community, your collection of apps is your neighborhood — and your code is your home base; your house. How do you secure a house? With a lock! And how do you make sure no one else can unlock that lock? You keep the key! That’s security ideation at its finest: keys. Just ask Vinz Clortho, Keymaster of Gozer.
Vulnerabilities are on the rise, and it's not just the number that's growing; the severity of these vulnerabilities is also increasing. Cybercriminals are taking advantage of these vulnerabilities to launch sophisticated attacks, leading to data breaches, ransomware, and other devastating cyber incidents.
Last month, Lead Partner Solutions Architect, David Schott, presented a demo on how Snyk works alongside Amazon Web Services (AWS) to identify vulnerabilities at every level of development and infrastructure. David covered why agile development in the cloud requires a different security approach than simply using the IT security methods of the past. Then, he showed a real-time example of how Snyk’s AWS cloud security tools can find and mitigate common vulnerabilities.
