Everyone loves open source, and for good reason. We want to help you use open source and stay secure. Read more to learn how this is achievable!
The financial services sector faces both technology opportunities and challenges. The modernization of financial business infrastructures isn’t a new conversation, although it remains a continued priority and challenge for our largest banking, investment, and insurance institutions. Cloud adoption trends in financial services have dominated this conversation in recent years, across infrastructure, data, and the applications […]
This report sheds light on the current security posture of open source software and reflects on security concerns, trends in vulnerabilities across packages and container images, and also examines the practices employed by maintainers and organizations in securing their software.
It’s very common to find projects that work correctly in production but are no longer actively maintained—it’s in production, it works, and the client considers the project finished. Unfortunately, this is not entirely true. We tend to forget that when a project is finished and it’s in production, it does not mean that it doesn’t […]
Defining and explaining the role of a proprietary security team dedicated to researching and analyzing vulnerabilities in open source ecosystems—in order to ensure open source security—is not an easy task. It’s challenging to provide a concise answer when asked the relatively simple question, “what does the security team at Snyk do?”. There is no short […]
Many organizations are shifting to a DevSecOps culture for software delivery. The idea of a developer-centric software delivery model that broke down silos and removed barriers to deployment was born as DevOps in 2008. This efficient approach to software delivery has evolved and grown over the past decade. As organizations have figured out what DevOps […]
Earlier this month, we rolled out the first phase of our Shared Policies initiative which will allow you to create sets of rules that can be applied across your organizations and projects. You can now create your own policies and use these rules to help your development teams easily find and fix what is most […]
Open source is an extremely popular way for large enterprises, small businesses—even individuals and hobbyists—to acquire technology. Simply locate the open source dependencies that appear to address your personal or business computing dilemma, download, and install. Even large companies are taking advantage of open source programs to enhance their portfolio of enterprise applications. Still, everyone […]
Code reviews are hard to do well. Particularly when you’re not entirely sure about the errors you should be looking for! The DevSecOps approach pushes security testing left so that vulnerabilities can be found and fixed earlier, in the design, development, or CI/CD stages of the workflow. It’s always a good idea to check for […]
We are wrapping up this month and we present to you the most interesting highlights and security news from March 2020, including All.The.Talks — a new virtual community conference — the launch of the State of Open Source Security survey, and several product updates from Snyk. Security news: Our State of Open Source Security survey […]