Yes, DevSecOps is a buzz-word, but it’s an important one! Security has an important part to play in application lifecycles and workflows. Learn how you can best integrate security into your existing pipelines.

Snyk @ Snyk: Enabling Kubernetes RBAC for Snyk’s Developers

As Uncle Ben once said, “With great power comes great responsibility.” This is also true of the Kubernetes API. It is very powerful, and you can build amazing things on top of it, but it comes with a price—a malicious user can also use the API to do bad things. Enter Kubernetes RBAC (role based […]

April 14, 2021

Snyk chats with Shutterstock about building a DevSecOps culture

Buying security tooling is easy, but changing company culture is hard. Learn how Shutterstock was able to adopt a security mindset from the ground up.

April 2, 2021

Developer Driven Workflows – Dockerfile & image scanning, prioritization, and remediation

When deploying applications in containers, developers are now having to take on responsibilities related to operating system level security concerns. Often, these are unfamiliar topics that, in many cases, had previously been handled by operations and security teams. While this new domain can seem daunting there are various tools and practices that you can incorporate […]

March 25, 2021

DevSecOps tools for open source projects in JavaScript and Node.js

In this article, I’d like to propose best practices and discuss how maintainers, and developers, can adopt DevSecOps tools for open source projects to better improve their security posture. We are not short on security incidents and horror stories about malicious packages in the JavaScript open source ecosystem. As citizens of the open source ecosystem, […]

November 24, 2020

Tips to scale your DevSecOps organization from Gene Kim and Guy Podjarny

During SnykCon 2020, author and researcher Gene Kim sat down with Snyk co-founder and President Guy Podjarny and a small group of Snyk VIPs to talk about (Sec)DevOps—where we started, how far we’ve come, and strategies for getting the most value out of the practice. The conversation spanned from philosophical questions to real-world implementations, and […]

November 2, 2020

Key approaches for effective security risk management & prioritization

There’s no easy way of being 100% secure, and although you can become more secure, there definitely isn’t one way of getting there. “The safest thing is to do nothing” is a great cliche, but in the case of software security, this is almost never the case. Starting with the very first line of code […]

October 27, 2020

SnykCon Day Two wrap-up: Integrations and partnerships galore & session highlights

The second and final day of SnykCon 2020 is in the books, and we hope you enjoyed it as much as we did. This post will share some of the product announcements—including a few big partnerships and integrations—plus takeaways from a few of the provocative, in-depth sessions we hosted. We also share session videos in […]

October 22, 2020

SnykCon Day One wrap-up: Snyk Code, carbon neutrality & session highlights

Day One of SnykCon 2020 is in the books. In this post, we’re bringing you a recap of all the news fit to print, plus a peek into some of the eye-opening sessions we heard today. Have a read and join us for Day Two tomorrow. Snyk Code, developer-first SAST, extends Snyk Platform Today, we […]

October 21, 2020

Why your team should attend SnykCon 2020

SnykCon is less than 2 weeks away! In 2020, meeting and engaging with others is more important than ever before. Our goal with SnykCon was to create a conference to bring the DevSecOps community together for 2 days of sharing, learning, and fun. Need a few great reasons to send your team? Read on! 1. […]

October 7, 2020

The DevOps virtual conference we built with the help of Snyk and Patrick Debois

Great physical conferences are magical. You learn from incredible talks, you’re exhilarated by being surrounded by the best in the game, you find fellow travelers who share similar goals and experience, similar struggles that you hope to conquer together, and so much more. The connections you make at conferences often lead to lifelong friendships and […]

June 19, 2020

Snyk launches DevSecOps Hub

Many organizations are shifting to a DevSecOps culture for software delivery. The idea of a developer-centric software delivery model that broke down silos and removed barriers to deployment was born as DevOps in 2008. This efficient approach to software delivery has evolved and grown over the past decade. As organizations have figured out what DevOps […]

May 20, 2020