Snyk completes its code security tools for developers
At SnykCon, the vendor Snyk presented updates to its code security platform, including support for the C#, Ruby, PHP and Go languages, added to its static testing tool, Snyk Code. Snyk Apps now make it possible to integrate the platform's functionality into specific workflows.
What changes should be made between developers and IT security teams to improve the secure development of applications? How do you build an AppSec program? How should developers understand the security supply chain? These were three of the topics discussed at SnykCon, from October 5 to 7, by Snyk, a supplier of tools for securing code, dependencies, containers and infrastructure as code. The presentations and technical sessions are accessible on the website of the event, during which the Boston-based publisher also presented developments to its products.
Within the multi-solution Developer Security Platform, the static testing tool, Snyk Code, uses semantic analysis to present security and performance bugs to developers as they code. Supported languages now include C#, Ruby, PHP and Go in addition to Java, JavaScript and Python. The platform's second component, Snyk Open Source, finds and repairs vulnerabilities in open source dependencies throughout the development process. Snyk is adding support for the Elixir language and for the Yarn 2 and Poetry package managers. In addition, there are native integrations with Atlassian Bitbucket and AWS CodePipeline, as well as integration of the deep C++ scanning technology acquired with FossID. The Snyk Container component benefits from extended container registry support for Quay, GitHub Container Registry, GitLab, Google Artifact Registry and Harbor, among others. It also benefits from updated support for the Trivy container analysis tool with Snyk's vulnerability database.
Snyk Apps based on the Snyk v3 API
On the Infrastructure as Code side, Snyk has improved its detection of configuration problems on Kubernetes in Terraform code, with compatibility for AWS, Azure and GCP. As for the Snyk API, v3, based on the latest version of OpenAPI, is three times faster, says the publisher, and it extends to new endpoints.
During SnykCon, the publisher also announced Snyk Apps, which allow the platform's functionality to be integrated into specific workflows. One example, the publisher explains, is creating an application that publishes the results of Snyk's security tests in an incident management tool. Snyk Apps rely on Snyk API v3 and OAuth 2.0 to establish granular permissions.