Customers

MongoDB

MongoDB security team enables secure development with Snyk

Destaque do cliente

Stuart Larsen

Security Engineer

Setor: Tecnologia
Location: New York, USA

Products Featured

Snyk Open Source

Destaques:

MongoDB is Committed to Security: The Security team is focused on helping developers to make smart, secure decisions.

Developer Adoption: Selected Snyk for its quick deployment, ease of use and direct integration with developer workflows and tools like GitHub.

Snyk Dashboard: A helpful tool for communicating to the rest of the organization about security challenges and the need for specific resources.

Integration into Existing Tools: Today, Snyk is tightly integrated into MongoDB’s GitHub, Slack, and Jira instances.

Managing Open Source Security

One of the common challenges of managing security for a fast-paced, growing company is allocating security resources including people, budget and time. The MongoDB security team has many priorities, and time is a high value asset. When Stuart and his team found themselves spending hours manually checking to ensure developers were not using open source libraries with known vulnerabilities, or wading through long CVE lists, they knew there had to be a faster and easier solution.

Before Snyk, our approach to open source security was slow and time-consuming. We did manual checks of our packages before releases for some products (lots of googling and bookmarks), for others we use a collection of smaller tools.”

Scaling security is an important goal for MongoDB

The security team considered several solutions in the market, but found that Snyk’s developer-first approach and automated remediation were important differentiators. Snyk’s quick deployment, ease of use and direct integration with developer workflows and tools like GitHub would help the development team to adopt the solution quickly. MongoDB also considered building a security solution internally but quickly realized that with limited headcount, time and budget, selecting an external tool like Snyk would make their lives easier and allow them to focus on existing development priorities, saving the “hassle and time drain” of building it themselves.

“There’s only a few security engineers at the company, but hundreds of developers; we will never scale with them, so we must proactively enable them."

Snyk Results: Automation = Time Saved

After automating their open source security process with Snyk, Stuart says “they are never going back” to the slow, manual approach they were taking before Snyk. The MongoDB security team now has a tighter loop from when a security issue is identified in a package, to the time they know about it, to the time they fix it. The MongoDB team has built a streamlined workflow for removing third party dependency security issues. The automated process makes finding and fixing vulnerabilities significantly faster - so the security team can focus on other priorities.

Monitoring Security Across the Team

The MongoDB security team now has one integrated Snyk dashboard where all stakeholders can view the Snyk repos they care the most about; everyone on the team, across security and development, knows the status of vulnerabilities and risk, at any time. The Snyk dashboard has also become a helpful tool for communicating to the rest of the organization about security challenges and the need for specific resources.

Customer Data Protection

Customers are asking more often to understand how their data is being protected against third party vulnerabilities. MongoDB is excited to explain how Snyk is tightly integrated into the SDLC to ensure that third party dependencies are identified and resolved as part of the many steps the team takes to protect customer data and important assets.

/about/ MongoDB

"Queremos soluções que permitam aos desenvolvedores tomar decisões fundamentadas sobre segurança."

A MongoDB é uma plataforma moderna de banco de dados de propósito geral, criada para potencializar a capacidade do software e dados para desenvolvedores e os aplicativos que eles criam. Com sede em Nova York, a MongoDB tem mais de 13 mil clientes em mais de 100 países. A plataforma de banco de dados da MongoDB tem mais de 60 milhões de downloads, e a MongoDB University recebeu mais de um milhão de inscrições. Como engenheiro de segurança na MongoDB, Stuart Larsen capacita equipes de engenharia a escrever, criar e implantar aplicativos seguros para garantir que os dados dos clientes fiquem protegidos. A equipe de segurança da MongoDB entende sua responsabilidade de proteger os dados confiados à empresa, seja para escrever código, criar processos ou construir infraestrutura. Stuart está determinado a ajudar os desenvolvedores da sua equipe a tomar decisões seguras desde o início do processo.

Patch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo Segment

Snyk é uma plataforma de segurança para desenvolvedores. Integrando-se diretamente a ferramentas de desenvolvimento, fluxos de trabalhos e pipelines de automação, a Snyk possibilita que as equipes encontrem, priorizem e corrijam mais facilmente vulnerabilidades em códigos, dependências, contêineres e infraestrutura como código. Com o suporte do melhor aplicativo do setor e inteligência em segurança, a Snyk coloca a experiência em segurança no kit de ferramentas de todo desenvolvedor.

Comece grátisAgende uma demonstração ao vivo