Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Snyk is proud to launch a new Global Service Provider program designed to give leading solution providers the resources they need to bring our developer-first tools and methodologies into their services and support customers on their DevSecOps journey. We designed this program to support our service delivery partners in building services around Snyk, whether for outsourced application development, helping customers achieve their DevSecOps goals, or supporting their cloud native journey.

Gone are the days when gate-based security processes were the most effective way to ensure security of an organization’s external attack surface. Getting the security team to sign off on every new application or asset before they go live simply is not scalable.

Now, there’s a loaded question. With so many preceding it: What do we mean by AI? Which aspects of what data are we referring to When it comes to AI? Are ethical practices universal? So, here are a few things to consider.

While the pandemic brought on unprecedented challenges related to full-scale telework, it has also moved cybersecurity to the top of the U.S. government’s agenda. I have been very encouraged by the various actions taken by the Biden administration, beginning with the May 2021 executive order directing federal agencies to rapidly adopt a Zero Trust architecture.

We’re making it easier for Phantom wallet owners to save their account password, secret recovery phrase, and wallet address in 1Password. Phantom is a digital wallet that lets you manage cryptocurrencies, tokens, and NFTs built on the Solana blockchain.

The “agents or no agents” debate is ancient and eternal. Every decade or so, we go through another round of “agents are terrible, let’s end them” and “we need more visibility and control to secure the system, maybe we’ll call it a ‘sensor’ this time.” We ultimately always land on the same conclusion. There are no silver bullets. Today, the debate is alive and well because cloud is the new frontier, so surely agents are dead this time?

I have seen quite a few articles of late proclaiming that a major cyberattack against Australia is imminent as a result of the ongoing situation in Ukraine, and in truth it's kind of riled me up a bit. The most recent announcements about Australia promising cyber support to Ukraine has increased speculation on this question.

S3 buckets without encryption can leave sensitive data exposed and at risk. As a best practice and to meet a number of industry and governmental regulations, it’s important to ensure that S3 server side bucket encryption has been properly applied at all times. To do this, many security teams rely on their Cloud Posture Security Management (CSPM) platform and/or AWS GuardDuty to monitor their AWS resources and provide alerts when an S3 bucket is found unencrypted.

In the world of cybersecurity, artificial intelligence (AI) has changed the way we discover, respond, and recover from cyberattacks. But despite the several advancements of AI in cybersecurity, cyberattacks are becoming more and more dangerous because of AI. Cybercriminals are now leveraging existing artificial intelligence tools and AI-based technologies for use in their own attacks, and as a result, cyber threats and attacks are becoming harder to prevent.

Enterprises today rely on partners and vendors to help manage their data. Some companies depend on third-party infrastructure for day-to-day operations, so understanding the regulations and protection standards that a service provider is promising to uphold is very important.