Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Snyk

Trend Micro launches Cloud One Open Source Security powered by Snyk

May 10, 2021 By Geva Solomonovich In Snyk

Last summer, we announced our plan to expand our partnership with Trend Micro to provide security operations teams visibility and tracking of vulnerabilities and license risks in open source components. The long-standing partnership already includes container image security scanning that leverages Snyk’s proprietary vulnerability database.

Read Post

Hack my misconfigured Kubernetes at Kubecon Europe

May 10, 2021 By Snyk In Snyk
In the last few years, we’ve seen more and more responsibilities shift left – to development teams. With the widespread adoption of Kubernetes, we’re now seeing configurations become a developer issue first and foremost. This responsibility means that developers need to be aware of the security risks involved in their configurations.
View Video

The State of Infrastructure as Code Security at Kubecon Europe

May 10, 2021 By Snyk In Snyk
The adoption of infrastructure-as-code and configuration-as-code is soaring with the rising popularity of technologies like Kubernetes and Terraform. This means that designing and deploying infrastructure is a developer task, even if your “developer” is an infrastructure architect, and, just like application code, configurations can use test-driven methodologies to automate security prior to deployment.
View Video
Snyk

SuiteCRM: PHAR deserialization vulnerability to code execution

May 7, 2021 By Sam Sanoop In Snyk

SuiteCRM is a free and open source Customer Relationship Management application for servers. This advisory details a PHAR deserialization vulnerability that exists in SuiteCRM which could be leveraged by an authenticated administrator to execute commands on the underlying operating system. This issue has been fixed in release 7.11.19. In PHP, PHAR (PHP Archive) files can be used to package PHP applications and PHP libraries into one archive file.

Read Post
Snyk

Snyk Code is now available for free

May 6, 2021 By Frank Fischer In Snyk

Snyk’s mission is to empower developers and DevOps teams to secure their applications. As part of that security mission, Snyk offers a Free plan for Snyk Open Source, Snyk Container, and Snyk Infrastructure as Code, so all developers can code securely. Today, we’re excited to announce that Snyk Code is now available for free as well.

Read Post
Snyk

Snyk uncovers malicious code activities in open source supply chain security on the npm registry

May 5, 2021 By Liran Tal In Snyk

Open source helps developers build faster. But who’s making sure these open source dependencies (sometimes years out of development) stay secure? In a recent npm security research activity, Snyk uncovered a total of 8 npm packages which matched a specific malicious code vector of attack. This specific attack vector of the malicious packages included packages which had pre/post install scripts, which allowed them to run arbitrary commands when installed.

Read Post
Snyk

GitHub Security Code Scanning: Secure your open source dependencies

May 4, 2021 By Daniel Berman In Snyk

We are happy to announce Snyk Open Source support for GitHub Security Code Scanning, enabling you to automatically scan your open source dependencies for security vulnerabilities and license issues, as well as view results directly from within GitHub’s Security tab! A key ingredient of Snyk’s developer-first approach is integrating Snyk’s security data into the exact same processes that developers are using, whether this is within a developer’s IDE or a Git-based workflow.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.