Not every developer is a security expert, but use these tips to improve your skills In today’s digital age, security is a major concern for individuals and organizations alike. With the increasing number of cyber-attacks and data breaches, it’s crucial for developers to have a thorough understanding of security best practices. The security of an application is of the utmost importance, as it can directly impact the safety and privacy of users’ data.

TL;DR Integrate your Snyk application security platform by leveraging webhooks into various other external systems such as Microsoft Teams, Azure DevOps Boards, New Relic, DataDog and Splunk. Here are all the necessary links to get started: GitHub Repository: https://github.com/harrykimpel/snyk-webhook-subscription Microsoft Teams: https://github.com/harrykimpel/snyk-webhook-subscription/blob/main/azure-function-microsoft-teams.cs Azure DevOps Boards: https://github.com/harrykimpel/snyk-webhook-subscription/blob/main/azure-function-azure-boards.cs New Relic: https://github.com/harrykimpel/snyk-webhook-subscription/blob/main/azure-function-newrelic.cs DataDog: https://github.com/harrykimpel/snyk-webhook-subscription/blob/main/azure-function-datadog.cs Splunk: https://github.com/harrykimpel/snyk-webhook-subscription/blob/main/azure-function-splunk.cs Background In the past few weeks I have been quite busy in my spare time to think about new ways of integrating the Snyk application security platform with various other systems and especially also observability platforms.

TL;DR By leveraging a Prometheus Exporter you can send all your application security vulnerabilities from Snyk into New Relic. Here are all the necessary links to get started: Snyk Exporter: https://github.com/lunarway/snyk_exporter New Relic Kubernetes integration: https://docs.newrelic.com/docs/infrastructure/prometheus-integrations/get-started/send-prometheus-metric-data-new-relic/ New Relic Instant Observability Quickstart: https://newrelic.com/instant-observability/?search=snyk Update (2022-09-22) The option that I am describing here is just one way to achieve this. There might even be a more straight forward option available that I started to describe in a more recent post.

Microsoft has released a security advisory about a vulnerability in ASP.NET. A security patch is already available here. Below are some details on how the vulnerability works: “To understand how this vulnerability works, you need to know about cryptographic oracles. An oracle in the context of cryptography is a system which provides hints as you ask it questions. In this case, there is a vulnerability in ASP.NET which acts as a padding oracle.