Local storage has caught the attention of developers as a lightweight solution for data storage that doesn’t involve databases or even the server. That’s neat, but is it always a good idea to use it? Here are a few thoughts from the folks at Snyk.
A watermark of traditional security activities within organizations is the high tension between security teams, the operations or IT, and the core R&D engineering. When all of these teams are siloed with their activities and overall goals unaligned, they create tension and friction that manifests in mis-executive security activities. However, when security practices are integrated […]
As we look into the way engineers audit their code bases, we see a strong adoption of automated security tooling, according to the Snyk State of Open Source Security report 2019, with 65% of respondents confirming that observation. It is also important to point out that, even when automated security tools are employed, 79% of the respondents still use security code reviews.
With every data breach disclosed, organizations become more aware of the need to address security early on and throughout the SDLC to ensure customer privacy and assets, feature security, and delivery speed. To do it all well, DevSecOps must be driven by security, but powered by developers.
We are thrilled to announce and share with you the Snyk 2020 DevSecOps Insights! In this study, we discuss the state of DevSecOps, key activities, focus areas, and takeaways. This study is based on data presented in the Snyk 2019 State of Open Source Security report and the Puppet 2019 State of DevOps report. The […]
Back in 2017, the Atlanta-based credit monitoring company Equifax was hacked. Equifax had been using an outdated version of the Java Apache Struts library in their system, making it possible to infiltrate their system through a known vulnerability. As a result of this breach, the company exposed the personal details of 143 million Americans. Recently […]
Digital transformation is not a buzzword - it’s a force. Practically all businesses, big and small, seek to make technology their core, and to accelerate their ability to adapt to the market. And yet, as entire enterprises seek to reshape themselves to meet these new challenges - security stays behind. If we’re going to base our approach on the new digital reality, we first need to understand it - what are the key changes that take place during Digital Transformation, and what is their impact on security? We’ll break it up into three main changes: Digital Business, Cloud and DevOps.
We are thrilled to announce that Snyk has closed $150 million in funding to accelerate our vision to bring a new approach to application security, enabling businesses to continuously build security into their application development process and culture.
I’m frequently asked for advice by friends and colleagues on how to navigate career growth in the startup world. At many companies in hyper-growth, as with Snyk, the sheer rate of change can create numerous opportunities but also a lot of ambiguity. This post is a peek at the advice I give my friends and […]
Azure Pipelines allows users to focus more time on writing their applications by making it easy to automate their builds, tests, and deployments. Specifically, Tasks for Azure Pipelines enables users to customize and automate an Azure Pipelines CI/CD workflow with a group of ready-to-use tasks that can be inserted into pipelines from the Azure Pipelines […]