Announcing The Big Fix: Secure all software

Love your software? This Valentine’s Day, show your software some love by fixing any lingering security vulnerabilities in both your open (and closed-source) code as part of The Big Fix! 

The Big Fix is a month-long fix-a-thon that brings developers and security professionals together to fix vulnerabilities and help make the software ecosystem safer for everyone! The Big Fix helps any developer (with any level of security experience) find and fix vulnerabilities in their software.

This year’s event has been revamped and is better than ever, with:

• An anonymized leaderboard where you can see how many vulnerabilities you’ve fixed,  and compete against other Big Fixers for the top spot.

• A brand-new, limited-edition Big Fix t-shirt that will be mailed to every participant who fixes at least one vulnerability before the event ends.

• A massive Discord community

  of 4k+ security enthusiasts ready to answer your questions and help you make an impact.

• A 24-hour livestream

  with world-renown developers and security professionals on Feb 28th.

• And lots of prizes and giveaways throughout the month!

Want to make an impact? This is the place to do it! During our first annual Big Fix event in 2022, thousands of developers worked together to find over 450k security vulnerabilities and successfully remediate more than 125k of them!.And this year, we’re going EVENBIGGER by aiming to collectively fix 200k+ vulnerabilities!

How to get started with The Big Fix

1. Sign-up for The Big Fix here: https://snyk.io/events/the-big-fix

2. Complete registration and login to your Snyk account — or create a free one if you haven’t already.

3. Add your projects to The Big Fix, so we can keep track of the vulnerabilities you find and fix.

4. Race to fix the most security vulnerabilities and get featured on the leaderboard.

We recognize your commitment to a secure software ecosystem

Your efforts to remediate issues are deeply appreciated as secure software benefits us all! As such, when you fix at least one security vulnerability, you’ll earn our new, limited-edition Big Fix t-shirt.

But that’s not all! The top fixer will win a VR headset, with second and third places also winning great prizes! Learn more on the Big Fix event page and get started today.

Connect with the DevSecOps community

Join our Discord community to chat with 4k+ other Big Fixers, share advice, and ask questions about security issues you’re facing. It’s a great place to learn, make friends, and even team up to fix vulnerabilities!

Join us for a 24-hour Big Fix livestream on February 28 

On February 28th, we’re running a 24-hour livestream on YouTube and Twitch, where we’ll feature discussions and panels to help you level up your security game and have some good old-fashioned fun. Join us to fix vulnerabilities and get troubleshooting support from world-renowned developer security experts during the livestream sessions.

To view the livestream schedule, see our website.

Here are just a few of the great sessions we have scheduled: 

• Secure code review for hackers by Kayla Underkoffler from HackerOne

• Image security hardening by Rachid Zarouali from sevensphere

• Building secure HTTPS gateways for Java applications by Ana-Maria Mihalceanu from Oracle

• Policy enforcement of Kubernetes best practices by Carlos Santana & Doruk Ozturk from AWS

So, don’t forget to subscribe to the YouTube livestream on February 28th.

Partners joining us to secure software

To help accomplish our mission of radically improving software security worldwide, we’ve partnered with a number of leading organizations who are actively taking part in The Big Fix as well as joining us during our 24-hour livestream.

We’d like to extend a huge, virtual hug to our good friends Atlassian, AWS, Bright Security, Dynatrace, Enso, ServiceNow, StackHawk, Slack, Sysdig, The Linux Foundation, Torq, and Vanta.

What’s next?

Throughout February and March, we’ll be publishing articles about application and cloud security topics to help get you started with finding and fixing security issues.

Our amazing security advocates, Vandana Verma and Sonya Moisset, are also planning to host daily security live streams to showcase Snyk Learn’s educational content. 

We highly recommend scheduling Lunch & Learn watch parties with your team to engage with these security enablement sessions over pizza or your team's favorite food.

Finally, don’t forget to hop on Twitter to tell everyone how many security vulnerabilities you’ve found and fixed during The Big Fix. In fact, if you mention and follow @snyksec and use #TheBigFix hashtag, we’ll automatically enter you into a cool swag raffle!