snyk - Scrum Bug

snyk

A collection of 3 posts

Cow walking through an Indian Marketplace

Azure DevOps Featured

Security state of the Azure DevOps Marketplace

This report focusses on the Azure Pipelines extensions in the Marketplace. At the time of compiling the report there are 1460 extensions in the "Azure Pipelines" category. More than 500 have one or more vulnerabilities or vulnerable dependencies.

Log4J – A 10 step mitigation plan

Log4J – A 10 step mitigation plan

There is already a lot of attention on the #Log4J vulnerability. It is all over the news while we write this blog. Many customers have asked us what to do. In this blog we give some advice on how to deal with the Log4j vulnerability and similar vulnerabilities in the future.

99% of code isn't yours

msbuild Featured

99% of code isn't yours

Your own 1% is under source control, but are you keeping taps on all of the libraries you import each time you do a dotnet restore or npm install?