Snyk bolsters developer safety with recent devsecop, cloud capabilities

The Snyk replace additionally contains integrations with new devsecops merchandise from suppliers together with AWS, ServiceNow, Jira and Dynatrace. Snyk has built-in with ServiceNow’s Vulnerability Response utility and AWS CloudTrail Lake — each cloud workload visibility instruments — to assist bolster the safety posture of  enterprise software program provide chains.

Securing cloud apps with IaC

Snyk has additionally enhanced the Snyk IaC module of its platform with cloud-specific capabilities, which  routinely hyperlink cloud assets to an IaC supply template — a code infrastructure blueprint. This can allow safety groups to hint a specific cloud problem again to its supply code and notify the suitable staff to repair it.

Whereas the brand new options are necessary for fixing misconfigurations on the IaC degree,  they  nonetheless can’t function a alternative to cloud security posture management (CSPM) for cloud assets. Whereas IaC could be regarded as an architectural blueprint, CSPM secures the precise constructing, Yates stated.

“With IaC, you make sure the blueprint all adds up to create a great plan. With CSPM, you are closing down windows that have been left open in the actual building that was built from that plan,” Tweedie-Yates added.

Within the analogy, Snyk’s enhancement traces a window constructed with flawed form within the precise constructing again to the precise place within the blueprint the place the plan was laid out and fixes it there, Yates defined.

Snyk Container has additionally obtained an improve, providing enhanced assist for “golden images,” which consult with standardized, preconfigured container bases used for the deployment of a number of situations of an utility or service. Golden pictures are an necessary software for managing container deployments, as they supply a constant and repeatable deployment course of that may be simply automated.

Date: 2023-04-04 14:59:00

Source link



Related articles

Alina A, Toronto
Alina A, Toronto
Alina A, an UofT graduate & Google Certified Cyber Security analyst, currently based in Toronto, Canada. She is passionate for Research and to write about Cyber-security related issues, trends and concerns in an emerging digital world.


Please enter your comment!
Please enter your name here