Join "The Big Fix" to secure your projects with Snyk and earn cool swag

What if there was a large, global event dedicated to finding and fixing security vulnerabilities in both open and closed-source software? An event that brings developers, DevOps, and security practitioners of all skill levels and backgrounds together to collectively make the software world more secure?  Well, I’m excited to announce that Snyk has made this a reality by launching The Big Fix — a month-long event that's running now!

The Big Fix celebrates the development, DevOps, and security folks who value application security and take proactive steps to fix vulnerabilities found in their code, open source dependencies, Docker container images, or the infrastructure as code policies. If you're interested in joining in, come to our Discord community, fix some vulnerabilities, and be recognized for the valuable work do. And you won't just be making your own projects more secure, you'll also get some free Snyk swag for participating!

We'll be wrapping the event up on February 25 with a live, 24-hour Big Fix-a-Thon steaming on Twitch! We'll have experts jump on the stream to help you with the issues giving you the biggest headaches, and we'll all work together to make the digital world a little bit safer.

We set lofty goals to make security a 100x better in 2022, so now's the time to join the thousands of other developers and security practitioners already Big Fixing. If you're as excited as we are, sign up and get started fixing!

Why should you join The Big Fix security event?

We all have a role in building software, whether it is operations, security, development, product, or other responsibilities we have in shaping the future. The Big Fix was specifically created to put software security in the spotlight, and here are a few reasons why we thought you’d like to join us on our mission to make the world a safer place:

• It's a great opportunity to fix security issues in your open source or work projects with the help of Snyk employees and other like-minded engineers.

• Did we mention there's free, unique Snyk swag for all participants of the event? You fix security vulnerabilities in your projects and get rewarded by earning cool swag.

• You can level up your security knowledge and developer expertise by joining The Big Fix 24-hour livestream scheduled at midnight GMT on February 25th and featuring live demos, live application hacking, Q&A with industry leaders, cybersecurity academics, and other great individuals who value application security like you and us.

• You'll find out how easy it is to fix security issues with Snyk. Whether you prefer to use the command-line, your IDE, or integrate with your Git repositories directly, you’ll be finding and fixing vulnerabilities faster than ever. Here are all the ways you can add Snyk to your existing workflows.

You probably think I'm biased, so let's hear from some folks that are already a part of The Big Fix:

Getting started with fixing security vulnerabilities

You won't believe how easy it is to create a free Snyk account and start finding vulnerabilities in your projects (many of which likely come from the open source libraries that you have imported). Even better is that it is as easy as a click of a button to also get them fixed.

To make the point on how easy it is to fix security issues for you folks who favor the command-line, Brian Vermeer, a Senior Developer Advocate at Snyk and a Java Champion, recorded the following quick 3-minute video which I highly recommend watching:

Further, if you find you need a formal letter to email your boss and explain why and how participating in The Big Fix event is so important for you and for them, we’ve prepared a How do I convince my boss? template you can use. Head over to The Big Fix page where you can find all the information you need to get started in the event.

Join The Big Fix

If this post got you excited, here's how you can join

1. Head over to The Big Fix page, click the Register button and that will take you to the short form to register to the event. It just asks for your name and your email address (we need the email address to associate with the Snyk account user that you have/or that you will create).

2. Snyk supports many language ecosystems, containers, and IaC-related projects. All you have to do is scan your projects, and once security vulnerabilities are found, go ahead and fix them. See the following resources for quick Getting Started guides:

   • Getting started with Snyk Open Source to fix security issues in Java, JavaScript, Python, Ruby, and other ecosystems.

   • Getting started with Snyk Container to fix security issues found in Docker-based container images, whether you have them locally, or connected in a cloud registry like Docker Hub, Amazon ECR, GCR, or ACR.

   • Getting started with Infrastructure as Code to fix security issues in the form of misconfigurations lurking in your Kubernetes configuration files or your Terraform files.

3. That’s it! Really!

Once you have scanned and fixed security issues in your projects, make sure that the Snyk app is accounting for these security fixes in the UI by monitoring the projects and showing you that you have indeed mitigated said security vulnerabilities.

Oh right, the free Snyk swag! I almost forgot...

After the 24-hour live Fix-a-Thon ends, we will be reaching out to all of you who have participated by finding and fixing security vulnerabilities (based on the email addresses you signed-up with in the above mentioned form) and we will send you details on how to get your free Snyk t-shirt.

Actually, there’s even more swag! We will also raffle swag for those who import more than 3 projects into Snyk, and those share about the event on social media using #TheBigFix hashtag.

So with that, I invite you all to start fixing and join us on the Discord community.

Happy fixing!