September 2018 Summaries
2 posts from Snyk
Filter
Month:
Year:
Post Summaries
Back to Blog
The article provides 10 security best practices for using Maven, a popular build tool in the Java ecosystem. The first practice is to encrypt secrets, such as passwords, in the settings.xml file to prevent unauthorized access. Another key practice is to avoid using passwords directly in the command line and instead use server-entries or encryption. Additionally, it's recommended to always use HTTPS when connecting to third-party services, including Maven repositories. The article also highlights the importance of checking dependency health by looking for factors such as a team of contributors, documented security policies, and regular updates and releases. Testing for known vulnerabilities using tools like Snyk is another crucial practice, as well as testing checksums to detect errors in data transmission or storage. Furthermore, it's recommended to use Maven developers/roles to provide information about security contacts and to stay up-to-date with the latest security patches by keeping the version of Maven updated. Finally, checking security bulletins from the Apache Maven site is also essential to stay informed about any security issues.
Sep 26, 2018
1,759 words in the original blog post.
Snyk has secured $22 million in its Series B funding, led by Accel, with participation from GV and existing investors, demonstrating confidence in the company's developer-first approach to application security. The funding will support Snyk's rapid growth and expansion of its DevSec community, which now protects over 140,000 repositories and has seen significant adoption among developers, with over 160,000 users and 5 million API calls made in a month. The company aims to automate vulnerability remediation and expand its offerings to protect open source libraries at runtime, growing its Secure Developer community and defining a new category of runtime open source security. With the investment, Snyk plans to scale its business, deepen support for languages, and continue to prioritize customer dedication and community growth.
Sep 25, 2018
802 words in the original blog post.