Heroku Add-On Beta
A few months ago we launched Snyk for Serverless, testing FaaS and PaaS apps for vulnerable libraries. We are now taking PaaS testing to the next level by launching the Beta of the Snyk Heroku Add-On.
Snyk already supports continuously monitoring Heroku apps by pointing Snyk to your Heroku deployment following the instructions in the link. But with the new Heroku Add-On we go even deeper, integrating with your Heroku workflows, scanning your Heroku apps on every deploy, and sending you real time notifications when your deploys have known vulnerabilities.
Since the add-on is currently in beta, it’s free to try out! We’re looking for people to take it for a test drive and provide us with some feedback. To try it out, simply install the
snyk add-on using the
Test plan. You can find the Snyk add-on details on the Heroku Elements marketplace.
Once you’ve attached the Snyk Heroku Add-On to one (or more) of your Heroku apps, you can see your detailed vulnerability reports by clicking on the Snyk logo from your Heroku App settings page.
We’d love for you to try this out and to hear your feedback. Email firstname.lastname@example.org with any feedback or thoughts, or if you would like to get notified when the Snyk Add-On comes out of beta. We look forward to hearing from you!
Python 2 vs 3: Security Differences
October 10, 2017Python 3 and Python 2 have various functional differences. On their own, they’re not necessarily better or worse (though arguably Python 3 should be an improvement), but any change may introduce risk. This post highlights and explains a few differences between the versions that have security implications.
GDPR Compliance and Open Source
September 26, 2017After years of preparation and debate, the General Data Protection Regulation (GDPR) was finally approved by the EU with enforcement starting as early as May 2018, at which time those organisations in non-compliance will face heavy fines. In this post we explain how that impacts companies using open-source and how they can protect themselves.
Subscribe to The Secure Developer Podcast
A podcast about security for developers, covering tools and best practices.
Interested in web security?
Subscribe to our newsletter: