Might be worth a while to create a picture/map of where infra. type scanner sit (eg. among static and dynamic code scanners ) . So the viewer dont simply think synk is all they ever need to defend against cyberattack on their code/app.
As for dependency vulnerabilities scanning, there's already the GitHub-built-in Dependabot. It scans your repos and sends the fixes as pull requests, plus sends you an email warning you about that security issue. I can't remember whether Dependabot is available also for non-pro GitHub accounts. Anyway, if you are a student you can get GitHub pro for free (and countless other benefits) with their student developer pack.
But it does report lot of false positives better to use other commercial tools if really concerned about the actual vulnerabilities in the source code, but yeah maybe good for smaller projects but not really for bigger projects which has lot of call graphs involved , also it does miss lot of true positives tooooo
As a Django developer , do I really need to get into this? I just keeping getting into things without totally being an expert in any of it. Feels like I can skip this.
This is awesome. My best friend talks yo me about the importance of cyber security. Really good tool.
Hey Tim can you make another flask blog tutorial?
Great tute, Tim! So smooth and on point.
Might be worth a while to create a picture/map of where infra. type scanner sit (eg. among static and dynamic code scanners ) . So the viewer dont simply think synk is all they ever need to defend against cyberattack on their code/app.
I'm writing my first Flask app right now, what other scanners/tests should I run on my code to check for vulnerabilities? Thank you!
As for dependency vulnerabilities scanning, there's already the GitHub-built-in Dependabot. It scans your repos and sends the fixes as pull requests, plus sends you an email warning you about that security issue. I can't remember whether Dependabot is available also for non-pro GitHub accounts. Anyway, if you are a student you can get GitHub pro for free (and countless other benefits) with their student developer pack.
Just to highlight, Snyk is free for open source too, and even for private projects :-)
I'm interviewing for a job in Snyk. Can you recommend what I should review for the technical interview?
Super! Thank you so much!
Tim you are very honest
Very good topic
Hey Tim, have you used SonarQube as an alternative? It would be great if we could have something on a comparison between Snyk and SonarQube too!
Can I ask what tool are you using for recording and for editing your video? It's really professional work, Tim.
But it does report lot of false positives better to use other commercial tools if really concerned about the actual vulnerabilities in the source code, but yeah maybe good for smaller projects but not really for bigger projects which has lot of call graphs involved , also it does miss lot of true positives tooooo
Thx a lot for all...bad summer happy viewer thx a lot tim
I'm soooo grateful for your amazing Chanel 👏!
Thanks bro, I learned a lot
Great tutorial tim!
Hope Tim likes this comment 😊
Love your content btw Tim!
As a Django developer , do I really need to get into this? I just keeping getting into things without totally being an expert in any of it. Feels like I can skip this.
Well, you would want to stay competitive against other developers equiped with "ops" and "sec" skills set( dev/ope/sec).
How to scan running docker container
So cool! Love this!
It's also available for *VSCode* too 🖥️
doesn't work the extension is trash
subtitles are wrong, whenever you say the name of the program the subtitles write "sneak" instead of "snyk"
Tim why you choose python over many language
Hey tim
And I was wondering about it since they found malicious code in some Python repos recently...
Great job. How can I contact you pls?
Is it free / open source ?
Cover says "vunerabilities"
Is Tim available for hire?
Can you make a video about making telegram bot please ❤️❤️❤️
Thankssssssssss
Vit Raid
yo
give me your source code
I have the POWER! Im the 1k like, Pin me