Jan 18 – Feb 25, 2022
The Big Fix
That’s a wrap! The Big Fix brought together developers, DevOps, and security practitioners of all skill levels to help make the internet more secure through a month of fixing vulnerabilities, ending in a 24-hour livestream event.
We went big!
0
Projects scanned
0
Vulnerabilities found
0
Vulnerabilities fixed
vulns fixed
Why 202,200? The Big Fix aims to make security 100 times better in 2022. 100 * 2022 = 202,200!
Secure your projects
Even though the Big Fix is over, you can still sign up for Snyk and start securing your projects.
Get startedFollow more on Twitch
Watch new livestreams or relive the 24-hour Big Fix-A-Thon on Twitch.
View on TwitchFeb 25 at
0:00
02/25/2022
The Big Fix-A-Thon is done
We had a blast at the 24-hour livestream full of security experts, industry leaders, and experienced developers. We hope you were able to attend a session or ten and leave a secure developer.
Select your timezone
Good morning APJ
0:00
–
8:00
Hello EMEA
8:00
–
16:00
Howdy AMER
16:00
–
0:00
0:00
Welcome to the Big Fix-A-Thon
Hosted by DeveloperSteve, Sr. Developer Advocate at Snyk
0:30
AMA: Security Student and Capture the Flag Winner
Guest: myDonut, CTF winner and security student
1:00
Getting Started with Security & DevSecOps
Louis Cremen, Technical Instructor at DDLS
2:00
Building & Securing Open Source & Community Apps
Grace Benedek Rooney, Developer Evangelism Manager at Xero
2:30
Monitoring, Debugging & Securing a Stack
Steve Ng, Principal Developer Relations Lead Engineer at New Relic
3:00
Going with the Security fl0
Natalie Byrgiotis, Developer Relations Lead at Fl0
3:30
Securing Applications on AWS
Pouya Ghotbi, Security, Risk & Compliance Advisor for Public Sector & Lucas Kauffman, AWS Security Consultant
4:00
Hands on Securing MongoDB
Stephen Steneker, Director of Community at MongoDB
5:00
はじめに:The Big Fixの概要とSnykのセットアップ
Hosted by Toshi Aizawa, Solutions Engineer at Snyk
5:30
Snyk井戸端会議:DIVX CTO の田島さんと語る!
Yuya Tajima, CTO at DIVX
6:00
Things to Remember for Application Security
Vandana Verma, Security Relations Leader at Snyk & Gopal Gupta
6:30
Taking the Security First Approach to App Development
Vandana Verma Sehgal, Senior Developer Advocate at Snyk & Soumen Mukherjee, Security Architect at Barco
7:00
AMA: Getting Started as a Dev/Sec/Ops
Ashleigh Wilson, Developer Trainer at Coder Academy
7:30
Securing and Contributing to Drupal
Solihin Jinata, Director at Pixel Onion
8:00
The Big Fix Livestream Sun Rises in EU
Hosted by Brian Vermeer, Sr. Developer Advocate at Snyk
9:00
Hacking & Patching Node.js Security Vulnerabilities
Liran Tal, Director of Developer Advocacy at Snyk
10:00
Keep your Java Code Secure with Snyk
Sarah Usher, Sr. Software Engineer at Snyk
10:30
Live Broadcasting Security: The Dreaded Secrets Revealed on Stream
Andy Morrell, Head of Development at Slevinth Heaven Ltd
11:00
The power of a Security Community
Waleed Arshad, Community Manager at Snyk
12:00
Becoming a Secure Developer in Go
Noa Moshe, Associate Solutions Engineer at Snyk
12:30
Mitigate Supply Chain Risk with Snyk Advisor
Oren Hacohen, Director of Growth at Snyk
13:00
Snyk Learn: Securing Kubernetes
Matt Jarvis, Director of Developer Relations at Snyk
14:00
Becoming a Secure Python Developer
Lilli Kastilio, Technical Solutions Architect at Snyk
14:30
Setting Up SSL Certificates for Node.js
Instafluff (Raphael Mun), Senior Software Engineer
15:00
Mother Nature’s Security Advice
Grace Jansen, Developer Advocate at IBM
15:30
Security Scanning At Scale
Chris Walz, Senior Product Security Engineer at Atlassian & Will Ratner, Senior Product Security Engineer at Atlassian
16:00
Good Morning AMER
Hosted by Brian Clark, Sr. Developer Advocate at Snyk
16:30
Getting Started with Snyk Code
Nate Michalov, Sr. Solutions Engineering at Snyk
17:00
Continuous Improvement Calls for Continuous Security: Meet the Community
Vandana Verma Sehgal, Security Relations Leader at Snyk & Kayla Underkoffler, Senior Security Technologist at HackerOne
17:30
Card Testing: A Developer’s Guide to Fighting Against the Dark Web
Paul Asjes, Developer Advocate at Stripe
18:00
Using Argo CD at Scale Securely
Dan Garfield, Co-Founder and Chief Open Source Officer at Codefresh
18:30
IAM Going Down the Rabbit Hole
Val Komarov, Consulting Engineer at Rapid 7
19:00
The State of Cybersecurity Education
Kyle Suero, Security Advocate at Snyk & Professor Jonathan Weissman
19:30
Intro to GitHub for Open Source Projects
Dr. Sarah Guthals, Developer Advocate
20:00
“But it worked on my machine!” Testing your Code Locally Like it Runs in Production Using Docker Desktop
Eric Smalling, Senior Developer Advocate at Snyk & Peter McKee, Head of Community & Developer Relations at Docker
21:00
How You Can Best Prioritize and Fix Vulnerabilities
Scott Gerlach, Co-Founder & CSO at StackHawk
22:00
How Databases Fit into a Serverless World
James Q Quick, Staff Developer Advocate at PlanetScale
22:30
Fireside Chat: Avoiding Breaches
Alex Lawrence, Principal Security Architect at Sysdig
23:00
Hacking Lessons from Movies and Other Questionable Sources
Casey Bisso, Head of Product & Developer Relations at BluBracket & Alexandria, Developer Advocate at BluBracket
23:30
The Big Fix-A-Thon Wrap Up
Randall Degges, Head of Developer Relations & Community at Snyk
FAQ’s
You have questions and we have answers. How do I register? How do I qualify to receive swag? These questions and more are answered below. If you don’t find an answer for a question you have you can share it during the live stream for the hosts to help answer! Or better yet, email us! We love emails and would love to hear from you. Send us a message at thebigfix@snyk.io.
How do I register?
+
Go to the sign up form on this page and provide your name and email address. If you already have a Snyk account make sure you use the same email address in this registration form.
How do I qualify to receive swag?
+
- Register for the Big Fix event via the form on this page and ensure your email address is associated with the Snyk account you will use to fix vulnerabilities. Then create a Snyk account if you don’t already have one, import your project(s) to Snyk where they will be scanned for security issues, and fix at least one of the identified issues.
- You can get started fixing security issues TODAY to qualify for swag once the event ends, no need to wait! Regardless, we’d love to have you join our Discord community of fixers and our 24-hour live stream on February 25th!
When will raffle winners be announced?
+
We will be announcing raffle winners at two separate times: during our 24-hour live stream (more info on this below), as well as a few days after the event. We’ll directly message all raffle winners with information on how to claim their prize.
How do I join the live stream and where do I get help to get started?
+
- We’ll be streaming to both Twitch and YouTube so you can tune in and chat with us on whichever platform you prefer. Make sure to set a reminder in your calendar!
- Discord – Join our community Discord where you’ll be able to chat with other fixers like yourself, as well as seasoned security experts who can help answer your questions and resolve security issues! You can join Discord by clicking the following link: https://discord.gg/NXuz63GmUt
- What do I do after joining Discord?
- When you enter the community, you’ll need to confirm your email addresses and enable 2FA.
- Following that, you’ll need to confirm that you have read the rules and accept the Ts and Cs before being allowed into our channels
- Once you’ve accepted the Ts and Cs, head to the “🛠-the-big-fix” channel in the “🍿 Events and recordings” category and say hi!
How do I convince my boss?
+
Use this email template to explain the benefits of dedicating time to fixing vulnerabilities and the value of participating in this free event as a team.
Hey Boss,
In light of the recent Log4j vulnerabilities, I would like my team to dedicate some time this month to start fixing vulnerabilities in our codebase.
I found a free online event called The Big Fix where our team can get advice and troubleshooting support from security experts, plus earn rewards for fixing vulnerabilities in our projects. I’d love for our team to join this event for the following reasons:
- We want to ensure our developers are educated on proactive security best practices so they can deliver secure code quickly. At this event we’ll speak with security experts to help our team learn the ropes.
- Fixing security issues in applications is important, but oftentimes intimidating. Taking on this responsibility in a fun, global competition allows us to work as a team and learn in a blameless environment.
- Security is a massive priority for every development team. The event live stream will also introduce our team to specific vulnerability patterns, like Cross Site Scripting, for example. Taking this on as a group activity will allow us to build momentum for prioritizing security in 2022.
The event is on Feb 25, 2022 (a Friday) and I think it would be a huge help to our growth as a team to participate. Can we get approval for the team to spend the day learning about, identifying, and fixing security issues in our products as part of The Big Fix event?
Securely,
Your teammate