snyk CTF 2025:
Great and fair challenges, great team, happy to do it again soon!
snyk CTF - running. Or rather, it was running, because the extension wasn't/isn't planned for. I'm done, but it was great!
Provisional team rank: 81 out of nearly 900 with at least 1 flag - I first got stuck on Coding Mountain Scripting and guessed the height and first-ascent year of mountains, and then went on a run in Reverse Engineering.
Looking forward to writeups; there probably won't be any from me. Notes are available on request.
Done with warm-up exercises for snyk CTF on Feb 27th - thanks for the fun @snyk
Generating SBOMs with the Snyk CLI is easier than you think. If you’re looking for a way to improve security, transparency, and compliance, this guide breaks it down step by step. Check it out: https://buff.ly/494sOyT
#SBOM #DevSecOps #Snyk
Six years ago, I joined a small but ambitious team of fewer than 100 people called Snyk. Today, I’m grateful for the growth, challenges, and amazing people along the way.
hey folks, jump into our wild and crazy DevSecOps stream!
Hit us up with a comment if my background setup catches your eye
Marek Šottl, #cloud #aws #snyk expert and #tech speaker, is launching his own company focused on #devsecops
"Let's champion the practice of early and frequent scans of, amongst others, #Java and #Kotlin code. It's a decision that pays dividends in code quality, security, and peace of mind — benefits that, as developers, we all can appreciate," @brianverm of #Snyk shares security tips!
https://foojay.io/today/four-easy-ways-to-analyze-your-java-and-kotlin-code-for-security-problems/
What's your favorite tool or method of securing 3rd party packages against vulnerabilities, "supply chain attacks", and malicious packages in a #dotnet, #javascript and #Docker / #Kubernetes setting?
Is it #Snyk, #FOSSA, #SonarQube / #SonarCloud, or something else entirely?
Boosts and recommendations highly appreciated.
Infosec products of the month: May 2024 https://www.helpnetsecurity.com/2024/06/03/infosec-products-of-the-month-may-2024/ #SecureCodeWarrior #AbnormalSecurity #AdaptiveShield #Cybersixgill #ManageEngine #SentinelOne #StrikeGraph #AuditBoard #Forcepoint #Proofpoint #Truecaller #Detectify #Eclypsium #SumoLogic #CyberArk #Dashlane #ExtraHop #OneTrust #PlexTrac #Synopsys #Appdome #Cranium #Datadog #FireMon #Trellix #Splunk #Calix #OWASP #News #Snyk
New infosec products of the week: May 3, 2024 https://www.helpnetsecurity.com/2024/05/03/new-infosec-products-of-the-week-may-3-2024/ #SecureCodeWarrior #Cybersixgill #Proofpoint #Synopsys #Appdome #News #Snyk
Snyk AppRisk Pro leverages AI and third-party integrations for faster risk mitigation https://www.helpnetsecurity.com/2024/05/02/snyk-apprisk-pro/ #Industrynews #Snyk
Today in #snyk: the fucking thing isn't running at all. Just says:
There was a problem running Code analysis.
Contact support if the problem persists.
It may be impossible to comprehend the unfathomable depths to which I am unimpressed by this fucking tool.
Fuck #snyk. I'm disabling the fucking thing to the best of my ability and raising a bug against the fuckers who enabled it on my repo. Let them do manual fuzz testing against an undocumented CLI in the hopes of stumbling across something that works.
We had a #snyk vulnerability report about an insecure TLS version. It looked reasonable so we changed the default minimum to TLS 1.3, but it kept complaining. What to do?
I can:
* Clicky in a GUI somewhere I'll never find again. That's a hard no.
* Edit a `.snyk` file to add an exclusion for this specific warning in this specific file. After reading the docs carefully I cannot make this work.
* Edit my `.snyk` file to tell it to fuck off entirely.
That last option is looking attractive.