DevSecOps

Yes, DevSecOps is a buzz-word, but it’s an important one! Security has an important part to play in application lifecycles and workflows. Learn how you can best integrate security into your existing pipelines.

Developer Driven Workflows – Dockerfile & image scanning, prioritization, and remediation

When deploying applications in containers, developers are now having to take on responsibilities related to operating system level security concerns. Often, these are unfamiliar topics that, in many cases, had previously been handled by operations and security teams. While this new domain can seem daunting there are various tools and practices that you can incorporate […]

March 25, 2021

DevSecOps tools for open source projects in JavaScript and Node.js

In this article, I’d like to propose best practices and discuss how maintainers, and developers, can adopt DevSecOps tools for open source projects to better improve their security posture. We are not short on security incidents and horror stories about malicious packages in the JavaScript open source ecosystem. As citizens of the open source ecosystem, […]

November 24, 2020

Tips to scale your DevSecOps organization from Gene Kim and Guy Podjarny

During SnykCon 2020, author and researcher Gene Kim sat down with Snyk co-founder and President Guy Podjarny and a small group of Snyk VIPs to talk about (Sec)DevOps—where we started, how far we’ve come, and strategies for getting the most value out of the practice. The conversation spanned from philosophical questions to real-world implementations, and […]

November 2, 2020

Key approaches for effective security risk management & prioritization

There’s no easy way of being 100% secure, and although you can become more secure, there definitely isn’t one way of getting there. “The safest thing is to do nothing” is a great cliche, but in the case of software security, this is almost never the case. Starting with the very first line of code […]

October 27, 2020

SnykCon Day Two wrap-up: Integrations and partnerships galore & session highlights

The second and final day of SnykCon 2020 is in the books, and we hope you enjoyed it as much as we did. This post will share some of the product announcements—including a few big partnerships and integrations—plus takeaways from a few of the provocative, in-depth sessions we hosted. We also share session videos in […]

October 22, 2020

SnykCon Day One wrap-up: Snyk Code, carbon neutrality & session highlights

Day One of SnykCon 2020 is in the books. In this post, we’re bringing you a recap of all the news fit to print, plus a peek into some of the eye-opening sessions we heard today. Have a read and join us for Day Two tomorrow. Snyk Code, developer-first SAST, extends Snyk Platform Today, we […]

October 21, 2020

Why your team should attend SnykCon 2020

SnykCon is less than 2 weeks away! In 2020, meeting and engaging with others is more important than ever before. Our goal with SnykCon was to create a conference to bring the DevSecOps community together for 2 days of sharing, learning, and fun. Need a few great reasons to send your team? Read on! 1. […]

October 7, 2020

The DevOps virtual conference we built with the help of Snyk and Patrick Debois

Great physical conferences are magical. You learn from incredible talks, you’re exhilarated by being surrounded by the best in the game, you find fellow travelers who share similar goals and experience, similar struggles that you hope to conquer together, and so much more. The connections you make at conferences often lead to lifelong friendships and […]

June 19, 2020

Snyk launches DevSecOps Hub

Many organizations are shifting to a DevSecOps culture for software delivery. The idea of a developer-centric software delivery model that broke down silos and removed barriers to deployment was born as DevOps in 2008. This efficient approach to software delivery has evolved and grown over the past decade. As organizations have figured out what DevOps […]

May 20, 2020

Secure development when working from home — tips and tricks

Secure development while remote  As we brace ourselves to an extended period of working from home, we need to re-evaluate various ways of working – and security is no exception. Remote collaboration, which is new to many, may require some changes to your security practices or priorities.  And so, here are a few suggestions of […]

March 30, 2020

The State of Open Source Security Survey – 2020

Snyk is currently building our annual State of Open Source Security report and we want to hear from you! Complete this brief survey to help guide our research.

March 25, 2020