Below you will find pages that utilize the taxonomy term “Vulnerability Management”
How to use IAST to prove exploitable vulnerabilities within your first-party code
Enabling a true “shift-left” in software security by empowering DevOps and security teams to work together
In some recent articles I shared how you as a developer can add security to your skillset by using New Relic capabilities. I also dug deeper into ways on how to mitigate hidden security risks of open source software libraries. Both of these blogs focused on third-party code and how it can impact the security of your software applications. In this article I will focus on the security of your own custom code, i.e. the code that you write yourself.
Mitigate the hidden security risks of open source software libraries
Check your source code for any vulnerable libraries and start mitigating these issues
Open source software libraries have become an integral part of modern software development. They are widely used by developers to accelerate the development process and reduce costs. On average, open source libraries make up 70-90% of an entire software application. However, the use of open source libraries also comes with hidden security risks that could potentially harm your organization’s reputation and financial well-being.
Level up your security skillset with New Relic
Not every developer is a security expert, but use these tips to improve your skills
In today’s digital age, security is a major concern for individuals and organizations alike. With the increasing number of cyber-attacks and data breaches, it’s crucial for developers to have a thorough understanding of security best practices. The security of an application is of the utmost importance, as it can directly impact the safety and privacy of users’ data.
Updated Snyk Webhook Integration with New Relic
In a recent post I wrote about the ability to send all your application security vulnerabilities found by Snyk directly to your New Relic observability platform.
Now, New Relic made it even easier to achieve that by providing a dedicated security ingest processor that ‘understands’ the payload from a Snyk webhook. All the details on how to get started, create and configure a Snyk webhook to send into your New Relic account is provided in this docs page: https://docs.newrelic.com/docs/vulnerability-management/integrations/snyk/
How to send Snyk vulnerability data to the New Relic observability platform
Security and observability data go hand in hand when it comes to application health. If you can put those two sources of data behind a single pane of glass you can make your life a lot easier. By leveraging the different options that the Snyk platform provides, you can send all your application security vulnerabilities found by Snyk directly to your New Relic observability platform. Let’s see how!
Prerequisites
Here are all the necessary links to get started: