Jan 18 – Feb 25, 2022

The Big Fix

That’s a wrap! The Big Fix brought together developers, DevOps, and security practitioners of all skill levels to help make the internet more secure through a month of fixing vulnerabilities, ending in a 24-hour livestream event.

We went big!

0

Projects scanned

0

Vulnerabilities found

0

Vulnerabilities fixed

202,200

 vulns fixed

Why 202,200? The Big Fix aims to make security 100 times better in 2022. 100 * 2022 = 202,200!

Secure your projects

Even though the Big Fix is over, you can still sign up for Snyk and start securing your projects.

Get started

Join the community

Join Discord to make friends, learn, and discuss all things security.

Join Discord

Follow more on Twitch

Watch new livestreams or relive the 24-hour Big Fix-A-Thon on Twitch.

View on Twitch

Feb 25 at 

0:00

02/25/2022

The Big Fix-A-Thon is done

We had a blast at the 24-hour livestream full of security experts, industry leaders, and experienced developers. We hope you were able to attend a session or ten and leave a secure developer.

Select your timezone

Good morning APJ

0:00

 – 

8:00

Hello EMEA

8:00

 – 

16:00

Howdy AMER

16:00

 – 

0:00

0:00

Welcome to the Big Fix-A-Thon

Hosted by DeveloperSteve, Sr. Developer Advocate at Snyk

0:30

AMA: Security Student and Capture the Flag Winner

Guest: myDonut, CTF winner and security student

1:00

Getting Started with Security & DevSecOps

Louis Cremen, Technical Instructor at DDLS

2:00

Building & Securing Open Source & Community Apps

Grace Benedek Rooney, Developer Evangelism Manager at Xero

2:30

Monitoring, Debugging & Securing a Stack

Steve Ng, Principal Developer Relations Lead Engineer at New Relic

3:00

Going with the Security fl0

Natalie Byrgiotis, Developer Relations Lead at Fl0

3:30

Securing Applications on AWS

Pouya Ghotbi, Security, Risk & Compliance Advisor for Public Sector & Lucas Kauffman, AWS Security Consultant

4:00

Hands on Securing MongoDB

Stephen Steneker, Director of Community at MongoDB

5:00

はじめに:The Big Fixの概要とSnykのセットアップ

Hosted by Toshi Aizawa, Solutions Engineer at Snyk

5:30

Snyk井戸端会議:DIVX CTO の田島さんと語る!

Yuya Tajima, CTO at DIVX

6:00

Things to Remember for Application Security

Vandana Verma, Security Relations Leader at Snyk & Gopal Gupta

6:30

Taking the Security First Approach to App Development

Vandana Verma Sehgal, Senior Developer Advocate at Snyk & Soumen Mukherjee, Security Architect at Barco

7:00

AMA: Getting Started as a Dev/Sec/Ops

Ashleigh Wilson, Developer Trainer at Coder Academy

7:30

Securing and Contributing to Drupal

Solihin Jinata, Director at Pixel Onion

8:00

The Big Fix Livestream Sun Rises in EU

Hosted by Brian Vermeer, Sr. Developer Advocate at Snyk

9:00

Hacking & Patching Node.js Security Vulnerabilities

Liran Tal, Director of Developer Advocacy at Snyk

10:00

Keep your Java Code Secure with Snyk

Sarah Usher, Sr. Software Engineer at Snyk

10:30

Live Broadcasting Security: The Dreaded Secrets Revealed on Stream

Andy Morrell, Head of Development at Slevinth Heaven Ltd

11:00

The power of a Security Community

Waleed Arshad, Community Manager at Snyk

12:00

Becoming a Secure Developer in Go

Noa Moshe, Associate Solutions Engineer at Snyk

12:30

Mitigate Supply Chain Risk with Snyk Advisor

Oren Hacohen, Director of Growth at Snyk

13:00

Snyk Learn: Securing Kubernetes

Matt Jarvis, Director of Developer Relations at Snyk

14:00

Becoming a Secure Python Developer

Lilli Kastilio, Technical Solutions Architect at Snyk

14:30

Setting Up SSL Certificates for Node.js

Instafluff (Raphael Mun), Senior Software Engineer

15:00

Mother Nature’s Security Advice

Grace Jansen, Developer Advocate at IBM

15:30

Security Scanning At Scale

Chris Walz, Senior Product Security Engineer at Atlassian & Will Ratner, Senior Product Security Engineer at Atlassian

16:00

Good Morning AMER

Hosted by Brian Clark, Sr. Developer Advocate at Snyk

16:30

Getting Started with Snyk Code

Nate Michalov, Sr. Solutions Engineering at Snyk

17:00

Continuous Improvement Calls for Continuous Security: Meet the Community

Vandana Verma Sehgal, Security Relations Leader at Snyk & Kayla Underkoffler, Senior Security Technologist at HackerOne

17:30

Card Testing: A Developer’s Guide to Fighting Against the Dark Web

Paul Asjes, Developer Advocate at Stripe

18:00

Using Argo CD at Scale Securely

Dan Garfield, Co-Founder and Chief Open Source Officer at Codefresh

18:30

IAM Going Down the Rabbit Hole

Val Komarov, Consulting Engineer at Rapid 7

19:00

The State of Cybersecurity Education

Kyle Suero, Security Advocate at Snyk & Professor Jonathan Weissman

19:30

Intro to GitHub for Open Source Projects

Dr. Sarah Guthals, Developer Advocate

20:00

“But it worked on my machine!” Testing your Code Locally Like it Runs in Production Using Docker Desktop

Eric Smalling, Senior Developer Advocate at Snyk & Peter McKee, Head of Community & Developer Relations at Docker

21:00

How You Can Best Prioritize and Fix Vulnerabilities

Scott Gerlach, Co-Founder & CSO at StackHawk

22:00

How Databases Fit into a Serverless World

James Q Quick, Staff Developer Advocate at PlanetScale

22:30

Fireside Chat: Avoiding Breaches

Alex Lawrence, Principal Security Architect at Sysdig

23:00

Hacking Lessons from Movies and Other Questionable Sources

Casey Bisso, Head of Product & Developer Relations at BluBracket & Alexandria, Developer Advocate at BluBracket

23:30

The Big Fix-A-Thon Wrap Up

Randall Degges, Head of Developer Relations & Community at Snyk

FAQ’s

You have questions and we have answers. How do I register? How do I qualify to receive swag? These questions and more are answered below. If you don’t find an answer for a question you have you can share it during the live stream for the hosts to help answer! Or better yet, email us! We love emails and would love to hear from you. Send us a message at thebigfix@snyk.io.

How do I register?

+

Go to the sign up form on this page and provide your name and email address. If you already have a Snyk account make sure you use the same email address in this registration form.

How do I qualify to receive swag?

+

  • Register for the Big Fix event via the form on this page and ensure your email address is associated with the Snyk account you will use to fix vulnerabilities. Then create a Snyk account if you don’t already have one, import your project(s) to Snyk where they will be scanned for security issues, and fix at least one of the identified issues.
  • You can get started fixing security issues TODAY to qualify for swag once the event ends, no need to wait! Regardless, we’d love to have you join our Discord community of fixers and our 24-hour live stream on February 25th!

When will raffle winners be announced?

+

We will be announcing raffle winners at two separate times: during our 24-hour live stream (more info on this below), as well as a few days after the event. We’ll directly message all raffle winners with information on how to claim their prize.

How do I join the live stream and where do I get help to get started?

+

  • We’ll be streaming to both Twitch and YouTube so you can tune in and chat with us on whichever platform you prefer. Make sure to set a reminder in your calendar!
  • Discord – Join our community Discord where you’ll be able to chat with other fixers like yourself, as well as seasoned security experts who can help answer your questions and resolve security issues! You can join Discord by clicking the following link: https://discord.gg/NXuz63GmUt
  • What do I do after joining Discord?
    • When you enter the community, you’ll need to confirm your email addresses and enable 2FA.
    • Following that, you’ll need to confirm that you have read the rules and accept the Ts and Cs before being allowed into our channels
    • Once you’ve accepted the Ts and Cs, head to the “🛠-the-big-fix” channel in the  “🍿 Events and recordings” category and say hi!

How do I convince my boss?

+

Use this email template to explain the benefits of dedicating time to fixing vulnerabilities and the value of participating in this free event as a team.

Hey Boss, 

In light of the recent Log4j vulnerabilities, I would like my team to dedicate some time this month to start fixing vulnerabilities in our codebase.

I found a free online event called The Big Fix where our team can get advice and troubleshooting support from security experts, plus earn rewards for fixing vulnerabilities in our projects. I’d love for our team to join this event for the following reasons: 

  • We want to ensure our developers are educated on proactive security best practices so they can deliver secure code quickly. At this event we’ll speak with security experts to help our team learn the ropes. 
  • Fixing security issues in applications is important, but oftentimes intimidating. Taking on this responsibility in a fun, global competition allows us to work as a team and learn in a blameless environment.
  • Security is a massive priority for every development team. The event live stream will also introduce our team to specific vulnerability patterns, like Cross Site Scripting, for example. Taking this on as a group activity will allow us to build momentum for prioritizing security in 2022. 

The event is on Feb 25, 2022 (a Friday) and I think it would be a huge help to our growth as a team to participate. Can we get approval for the team to spend the day learning about, identifying, and fixing security issues in our products as part of The Big Fix event? 

Securely, 

Your teammate

Code of conduct | Privacy policy | Terms & conditions 1 | Terms and conditions 2

Footer Wave Top