DevSecOps

Yes DevSecOps is a buzz-word, but it’s an important one! Security has an important part to play in application lifecycles and workflows. Learn how you can best integrate security in to your existing pipelines.

SnykCon 2020

Why your team should attend SnykCon 2020

In 2020, meeting and engaging with others is more important than ever before. That’s why this fall we’re introducing SnykCon! A conference to bring the DevSecOps community together for 2 days of sharing, learning, and fun. Need a few great reasons to send your team? Read on! 1. Learn a new approach to securing software … Continued

September 2, 2020
DevOps virtual conference

The DevOps virtual conference we built with the help of Snyk and Patrick Debois

Great physical conferences are magical. You learn from incredible talks, you’re exhilarated by being surrounded by the best in the game, you find fellow travelers who share similar goals and experience, similar struggles that you hope to conquer together, and so much more. The connections you make at conferences often lead to lifelong friendships and … Continued

June 19, 2020
Snyk launches DevSecOps Hub

Snyk launches DevSecOps Hub

Many organizations are shifting to a DevSecOps culture for software delivery. The idea of a developer-centric software delivery model that broke down silos and removed barriers to deployment was born as DevOps in 2008. This efficient approach to software delivery has evolved and grown over the past decade. As organizations have figured out what DevOps … Continued

May 20, 2020
Securing Development That's Gone Remote Cheatsheet Image

Secure development when working from home — tips and tricks

Secure development while remote  As we brace ourselves to an extended period of working from home, we need to re-evaluate various ways of working – and security is no exception. Remote collaboration, which is new to many, may require some changes to your security practices or priorities.  And so, here are a few suggestions of … Continued

March 30, 2020
security news

The State of Open Source Security Survey – 2020

Snyk is currently building our annual State of Open Source Security report and we want to hear from you! Complete this brief survey to help guide our research.

March 25, 2020
12 Things to Get Right for Successful DevSecOps

Examining Gartner’s 12 Things to Get Right for Successful DevSecOps

“Integrating security into DevOps to deliver DevSecOps demands changed mindsets, processes, and technologies. Security and risk management leaders must adhere to the collaborative, agile nature of DevOps for security testing to be seamless in development, making the “Sec” in DevSecOps transparent.” According to the Gartner report, DevSecOps quickly became one of the fastest-growing areas of … Continued

March 24, 2020

February in review: JVM Ecosystem Report, Python and Container Updates, and more

As we wrap up February, dive into the JVM Ecosystem report, tune into DevSecOps learnings, catch up on the latest Snyk product updates, and mark your calendar for KubeCon EU! Security news New! JVM ecosystem report 2020 Insights based on a global developer community survey show us that: 36% of developers switched from Oracle JDK … Continued

February 28, 2020
DevSecOps Insights 2020

86% of security and tech roles agree that security is a shared responsibility

Deeply integrated security increases the sense of shared responsibility. Having a sense of shared responsibility across the organization contributes to an elevated security- first mindset among employees who will seek out to question and challenge solutions regarding the security impact of the products they build.

February 2, 2020
DevSecOps Insights 2020

29% of highest security integration orgs endure friction when collaborating

A watermark of traditional security activities within organizations is the high tension between security teams, the operations or IT, and the core R&D engineering. When all of these teams are siloed with their activities and overall goals unaligned, they create tension and friction that manifests in mis-executive security activities. However, when security practices are integrated … Continued

January 28, 2020
DevSecOps Insights 2020

31% don’t track application dependencies and 38% only track direct dependencies

As we look into the way engineers audit their code bases, we see a strong adoption of automated security tooling, according to the Snyk State of Open Source Security report 2019, with 65% of respondents confirming that observation. It is also important to point out that, even when automated security tools are employed, 79% of the respondents still use security code reviews.

January 28, 2020