Security Resources

'Snyk-In': Product Walkthrough

We've all talked about the value of dev-first security tooling that enables collaboration between developers and security team. Watch a session with a Snyk engineer to see how the Snyk product addresses this.

Selecting Your Open Source Security Platform: Why Asurion Chose Snyk

Application security initiatives remain a top priority for many security and devops pros. Whether you’re considering a new tool to add to your stack, or researching ways to improve your current appsec strategies, you will find value in the insights shared by Mark Geeslin, Senior Director of Product Security at Asurion.

Fast or Secure? You Can Only Pick Two

The holy grail of DevSecOps is providing engineering teams all the speed and efficiency they want, while at the same time giving security teams the strong security they need. There’s really no need to choose between speed and security with fully automated software risk assessment.

Snyk Code: An Introduction to Dev-First SAST

Conventional Static Application Security Testing (SAST) tools are limited by lengthy scan times and poor accuracy – returning too many false positives. Sound familiar? That's why Snyk developed a new approach to finding and fixing code vulnerabilities with a developer-friendly experience – introducing: Snyk Code!

The DevSecOps Journey: When Migrating Your Containerized Applications to AWS Cloud Platform

Now more than ever, organizations are migrating on-premises workloads to the cloud. With a boost in agility and scalability, companies can more easily support demand increases and fast delivery of new revenue-generating services. The business value impact is immediate, which is especially important in today's challenging climate.

Building Container Security into your SDLC

The popularity of Kubernetes and Docker containers makes detecting and fixing application vulnerabilities a team sport. The use of containers shifts the responsibility of fixing vulnerabilities in both code and configuration to developers. However, security teams are still ultimately responsible for the company’s reputation and customer data and DevOps teams must build safeguards and gates into the SDLC.

Mastering Application Security at a Security Company

Modern application development demands rapid and secure code releases – leaving developers overwhelmed and stretched for resources. On top of that, recent ESG report on Modern Application Security Development finds that development teams lack proper security knowledge, tooling, and training. So, how did CyberArk get “shift left” right?

Adding Container Security to Docker Hub from Snyk

Docker has expanded its partnership with Snyk beyond Docker Desktop to enable individual developers and teams to automatically monitor, identify and resolve security issues in their applications to securely share and collaborate on Docker Hub.

Securing Your Infrastructure Before, During and After Deployment

Although benefits of cloud-native app development are well documented, organizations struggle to figure out how to best secure their cloud environments without negative impacts to team velocity without restricting their benefits. Developers want access to resources to complete development tasks - quickly, while security administrators are challenged with ensuring the applications and the environments they’re deployed to remain secure.

SANS Webinar: What's in Your FinServ Software?

Tracking the software and software components that an organization uses in its products and its operations is crucial for responding to emergency threats. However, building and maintaining these Software Bills of Materials (SBOMs) is very challenging, especially across large enterprises.

Day in the Life of a DevSecOps Professional

Interactive discussions and technical demos with cyber-security experts from RedHat, Snyk and Portshift discussing the modern role of DevSecOps. They address the challenges teams face in their daily activities to ensure secure development, testing and deployment of containerized applications in OpenShift clusters.

Prioritise your container vulnerabilities: Based on Kubernetes workload configuration

We all know how many vulnerabilities there are in container images - how can you prioritize which ones to fix first? What if you could prioritize them based on your Kubernetes workload configuration? Join us to learn how Snyk Container solves the problem by assigning a vulnerabilities priority score based on how well configured your workload is.