Customers

The Telegraph

Protecting code at The Telegraph using Snyk Open Source and Snyk Container

Customer Spotlight

Ciro Rizzo

Head of Engineering

Industry: Media
Location: United Kingdom

Highlights:

Reduced risk exposure of Telegraph Media Group’s platform and media portfolio— 

Mitigated third-party dependency issues with Snyk Open Source

Secured containerised architecture using Snyk Container

Gained greater confidence in the overall security posture of the company

The Challenge: Protecting The Telegraph’s platform & content

Over the years, Telegraph Media Group has grown its media portfolio to include several websites, mobile app, print titles, and more. This multi-platform digital approach leverages a microservices architecture for sharing data and content amongst internal systems and third parties. Since content is Telegraph Media Group’s greatest asset, the company knew that prioritising the security of its platform and API was crucial.

“As a major media publisher one of TMG's top priorities is a secure website and code” stated Ciro Rizzo, Head of Engineering. “Together with our security team, we wanted to make sure that all the code that we produce was protected from any potential issues.”

The Solution: Integrating Snyk with automated CI/CD pipeline

Telegraph Media Group wanted to ensure all internal software development follows security best practices. That’s why the company chose to integrate Snyk Open Source into its continuous integration and continuous delivery (CI/CD) pipeline. Snyk Open Source detects vulnerabilities within third-party dependencies so that the TMG can have confidence that its services are up to the company’s security standards.

“A product like Snyk helps us to identify areas of our services that are potentially exposed to threats from external actors,” Rizzo explained. “As part of our digital transformation, our development team works together with the security team to keep our software in a good security state. And now that Snyk is part of our CI/CD pipeline, security checks are always done earlier during development.”

Since TMG’s platform and APIs are almost entirely containerised services running on Kubernetes in the cloud, the company uses Snyk Container as well. Snyk Container ensures the Docker images, and even Dockerfiles themselves, are secure before any microservices are deployed into production. Snyk can also monitor newly deployed Kubernetes workloads to detect misconfigurations or potentially unsafe cluster settings.

Prioritising vulnerability mitigation

While the initial scan results from Snyk could be overwhelming for some organizations, the tool aims to reduce the effort involved with issue remediation by classifying vulnerabilities based on severity. This helped the TMG take an iterative approach to mitigating issues so that the company could efficiently improve its application security with each successive code release.

“An important feature Snyk has is a very complete vulnerability database that classifies security issues,” Rizzo said. “Since we had a roadmap of outstanding vulnerabilities, we could reduce our risk exposure right away by focusing on the high severity issues first. The Snyk reports really helped our security and engineering teams prioritise vulnerability fixes since the early stage”.

The Impact: Improved confidence in overall security posture

Introducing Snyk into the TMG’s CI/CD pipeline has dramatically improved the company’s security posture. In fact, the TMG’s security team now has more confidence that developers are proactively minimising the risk exposure of their platforms and APIs as soon as new code is released. As a result, the TMG can continue to safely publish content that inspires its readers.

“From a technical perspective, we trust the Snyk reports and feel much more confident in the security of our software,” Rizzo said. “Snyk has also increased the pace that we can detect and minimise any risk exposure for our services.”

About The Telegraph

The Telegraph is a leading news organisation renowned for its award-winning journalism, and aims to inspire readers by delivering high-quality journalism across its digital and print media outlets. The company has continued to adapt to changes in the media industry over the past 166 years of operation, including the launch of its online offering in 1994. The Telegraph was the first U.K. publisher to shift online and has since implemented a digital subscription model to further improve engagement and scalability.

Patch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo Segment

Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer’s toolkit.

Start freeBook a live demo