Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As the Chief Information Security Officer at Snyk, my primary role is to ensure the security and integrity of our products, our systems, and our customers' data. But my responsibility extends beyond our walls. It involves championing a vision for a more secure digital world—a vision I am proud to say we share with the U.S. Cybersecurity and Infrastructure Security Agency (CISA).

The recent revelation of a critical vulnerability in Base44, a prominent vibe coding platform, has spotlighted the intricate relationship between innovation and security in AI-assisted development. Researchers at Wiz uncovered a flaw in the platform that allowed unauthorized access to private enterprise applications, exposing sensitive data and raising urgent questions about the security of vibe coding practices.

In this article Chief Information Security Officers (CISOs) face the daunting task of balancing technical cybersecurity risks with the financial realities of their organization. One critical component in this balancing act is the use of vulnerability scoring systems, in particular, the CVSS score. This article provides a detailed guide on how to translate CVSS scores into tangible financial impact estimates using proven methods of risk quantification.

xx.

Imagine financial analysts watching stock prices suddenly drop. Dashboards show misaligned data, market confidence disappears, and trading screens across the NASDAQ turn red. But this time, the disruption isn’t caused by politics or economic shifts. It starts with a cyberattack. We reveal how a simple and overlooked flaw in Streamlit’s file upload feature, part of a widely used open-source framework for building stock market dashboards, could be used to cause this kind of financial chaos.

Non-human identities. It seems like every technology conference that I’ve attended over the past year or so has had NHIs as a primary topic. And it’s no wonder. What have become powerful tools in the new world of hyper-automation, dynamic IT infrastructures, and complex security processes, have also led to new vulnerabilities within many IT environments. For just a moment, let’s look at why NHIs are important to focus on from a security perspective. I have 3 primary vulnerabilities.

At Snyk, we believe you should never have to choose between speed and security. As the age of AI transforms software development, our goal is to extend our developer-first security approach to this new era, providing the essential tools your teams need to build with confidence. Today at Black Hat, we are delivering on that vision with three tangible innovations that offer a comprehensive solution to secure the entire code lifecycle with AI.