January in review: funding news, DevSecOps insights study, and much more
From the blog
Snyk closes $150M to accelerate developer-first security
We are thrilled to announce that Snyk has closed $150 million in funding to accelerate our vision to bring a new approach to application security, enabling businesses to continuously build security into their application development process and culture. Read more here. And you guessed it, we’re hiring! Check out our open positions. Come join our amazing team!
NEW! DevSecOps insights study
We partnered with Puppet to dig deeper into the trends of DevSecOps adoption. Among our findings? 37% of companies still aren’t implementing security testing in CI. Read the full study here.
Hear it straight from the authors Snyk’s Alyssa Miller & Liran Tal and Puppet’s CTO, Nigel Kersten in this week’s webinar – sign up for the North America version on Jan 30th at 11 am ET here or the EMEA version on Jan 30th at 2pm GMT here now.
Why security should be scaled through DevSecOps & dev-first security
Digital transformation is not a buzzword – it’s a force. Our Founder and President, Guy Podjarny recently commented on why he thinks scaling security needs to happen through DevSecOps & dev-first security. Read his blog post here.
Security in the news
Containers in the cloud: false assumptions and security challenges
Putting applications into containers does not make them secure. But smart security controls do. This article from Security Intelligence uncovers how and what you should focus on in 2020. Read more
Reverse shell through a Node.js math parser
Alexander Anderson, part of the TrueSec Security Team performed a penetration test of a typical single-page application, exposing a static React web app and a REST API written in Node.js. This article details how he discovered and exploited a critical vulnerability that allowed unauthenticated arbitrary remote code execution. Read more
Improved Linux vulnerability severity definitions
We know having too many vulnerabilities can be overwhelming; we strive to help you focus where it matters most. Snyk now brings distro-specific severities for our Linux vulnerabilities. Read more in our updates.
New CLI tool feature
We’re excited to announce that we’ve released a new CLI tool feature: you can now scan your entire directory and test all of your manifest files. Use the new –all projects parameter in our CLI. We’ve also added additional flexibility around this feature. Read about it in our full CLI reference.
Check out our YouTube channel
Have you ever visited us on our YouTube channel? Now’s the time! Stop over and check out our new video: Stop over to learn how to find vulnerabilities using your CLI.
Stay up-to-date with product development from our in-app widget
Visit us at https://updates.dev.snyk.io/ and never miss the feature you’ve been waiting for again.
Meet the Snyk team on the road:
OpenShift Commons Gathering London | 29 January | London
BSides SF | 22-24 February | San Francisco, CA
RSA Conference | 24-28 February | San Francisco, CA | Moscone South, Booth # 2162 – Don’t miss Snyk’s Alyssa Miller’s talk Losing our Reality: How Deepfakes Threaten Global Markets
BSides Tampa | 29 February | Tampa, FL
Jfokus | 3-5 February | Stockholm
Snyker of the Month
Get a behind-the-scenes look into one of the incredible team members behind our software