Discover package vulnerabilities with the Snyk integration for JSDelivr

We are excited to announce that we power the security badge in JSDelivr.com! JSDelivr is one of the leading CDN for open source and npm packages. Snyk’s new integration with JSDelivr shows a security badge on the search page for a specific library. At Snyk, we strongly believe that it is important for developers to […]

June 8, 2020

Our privilege is our responsibility

Over these last few days, many of us have watched in a state of sadness, horror, anger, and solidarity as we saw the video on George Floyd, the protests, the conflict. And sometimes it’s hard to find the words, to articulate the exact thoughts. But awkward and clunky as it may feel, it’s time to […]

June 5, 2020

Announcing enhanced end-to-end security for Bitbucket Cloud development workflows

We’re excited to share that we’ve expanded our collaboration with Atlassian and have enhanced Snyk’s integration with Bitbucket Cloud. These enhancements make it easier than ever for developers to find, fix, and monitor vulnerabilities in open source dependencies throughout the Bitbucket Cloud development workflow. With the goal of removing friction for developers and simplifying DevOps […]

June 4, 2020

Checking Helm Charts for security misconfigurations

Our new Kubernetes configuration feature in Snyk, which checks your configuration files for misconfigurations, now supports Helm Charts. You can now find potential security issues in your Helm charts at the same time as identifying vulnerabilities in the application source code. Helm Charts and templating Kubernetes configuration Helm is a popular tool for packaging up […]

June 3, 2020

Fix vulnerabilities with confidence, with Snyk’s ML-powered Merge Advice

We’re excited to announce the beta release of Merge Advice—the latest enhancement to Snyk’s remediation capabilities that help you fix vulnerabilities reliably. Powered by machine learning, Merge Advice gives developers greater confidence to fix security vulnerabilities in their open source dependencies.  Investing in developer confidence The risk of introducing breaking changes to a branch means […]

June 2, 2020

SDRing during COVID-19—Snyk style!

Prospecting as an SDR in a time of uncertainty can be tricky. With the global economy in its current state, businesses are all impacted in different ways, making a standard “one size fits all” scripted approach to calling and messaging businesses difficult—it’s hard to tell what someone has been through before genuinely asking him or […]

June 1, 2020

Engineering equal opportunities at Snyk

Although numbers have improved in recent years, the amount of women in tech is still concerningly low. As many sources have indicated that diversity in the workplace brings with it a number of attributes to companies including increased revenue and enhanced problem-solving skills through diversity of thought, it is important to address why there is […]

May 28, 2020

Why do organizations trust Snyk to win the open source security battle?

Defining and explaining the role of a proprietary security team dedicated to researching and analyzing vulnerabilities in open source ecosystems—in order to ensure open source security—is not an easy task. It’s challenging to provide a concise answer when asked the relatively simple question, “what does the security team at Snyk do?”. There is no short […]

May 27, 2020

Using Snyk to implement end-to-end DevSecOps on Microsoft Azure

We’re pleased to announce that we’ve added support for Azure Repos Server, enabling developers using Azure’s on-prem DevOps service to identify and fix security vulnerabilities and license issues in open source dependencies.  The new integration complements our support across the Microsoft Azure ecosystem—starting with Azure Repos (cloud-based and now on-premises as well), and running through […]

May 26, 2020

Mitigating clickJacking—the DevSecOps way!

In the past few weeks, we got a few reports (through our bug bounty program) that some of our inner domains are vulnerable to a clickjacking attack. Of course, our main site was protected from the first day, but there were a few small subdomains that didn’t have this protection. Fixing the issue was easy […]

May 25, 2020

Java turns 25—aging like fine wine or more like milk?

On May 23, 1995, Sun Microsystems released Java. This means that Java turns 25 years old and that is something we need to celebrate! The age of 25 is quite old for a programming language, though, right? Let’s take a look at the programming language, the ecosystem, the community, and the future of Java, see […]

May 22, 2020