
Thread: Tips for securing open-source Libraries!

  #1
    Join Date: May 2020
    Ubuntu 20.04 Focal Fossa

    Tips for securing open-source Libraries!


    I have no formal education in programming, nor have I worked as a programmer in the past. But I have worked in a large international company with a heavy emphasis on software R&D, so I have some sense of how things work in the developer industry.

    I just decided to go all-in teaching myself how to code with Python3 last year. In that journey I stumbled upon this great service that helps you keep track of security vulnerabilities while you are coding, by creating vulnerability reports for you every week based on your GitHub project repository. You can create these reports locally as well.

    This is great, since most security vulnerabilities usually come from the library imports you use with Python3, which a hobby developer doesn't really have any control over. But with these Snyk reports it's just a matter of upgrading packages to the latest versions.

    I don't work for Snyk or get any perks from them. I just wanted to share this useful gem with everyone who wants to harden their code game. It's free for hobby developers and costs a ton of money for enterprises.

    Securing Open Source Libraries - Guy Podjarny & Liran Tal - Aug 2019

    Automating remediation for vulnerabilities in Python dependencies using Snyk - Feb 2020

    Which manifest files can be tested and monitored by Snyk?

    The Snyk monitoring service basically scans your pip requirements.txt file for library vulnerabilities.
    Last edited by mortalkorona; May 16th, 2020 at 08:52 AM.
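The post above describes Snyk reading a project's requirements.txt and matching the pinned library versions against an advisory database. The script below is an added example, not Snyk's code or the poster's, showing that core mechanism in plain Python: it parses a requirements.txt, normalizes package names, compares each pinned version against affected-version ranges, and reports an upgrade target. The advisory entries and the sample manifest are constructed for illustration (the package names `example-http` and `example-yaml` and their version ranges are made up, not real CVEs). It also handles the caveat a practitioner cares about: a requirement that is not pinned with `==` cannot be assessed from the manifest alone, because the installed version is unknown.

```python
"""Minimal requirements.txt vulnerability check (added example, not Snyk's code)."""
import re
from typing import NamedTuple


class Advisory(NamedTuple):
    package: str      # normalized package name
    introduced: str   # first affected version (inclusive)
    fixed: str        # first fixed version (exclusive upper bound)
    summary: str


# Constructed advisory data for this example; these are not real CVEs
# and not Snyk's database.
ADVISORIES = [
    Advisory("example-http", "1.0.0", "1.4.2", "constructed: header injection"),
    Advisory("example-yaml", "0.0.0", "5.1.0", "constructed: unsafe loader"),
]

# Constructed sample manifest, the file Snyk would read as requirements.txt.
SAMPLE_REQUIREMENTS = """\
# application dependencies
example-http==1.3.0
Example_YAML>=5.0        # lower bound only: installed version is unknown
requests==2.25.1
-r dev-requirements.txt
"""

# name, optional operator, optional version (a subset of PEP 508 syntax)
_REQ_RE = re.compile(
    r"^(?P<name>[A-Za-z0-9][A-Za-z0-9._-]*)\s*"
    r"(?:(?P<op>===|==|~=|!=|<=|>=|<|>)\s*(?P<ver>[0-9][0-9A-Za-z.]*))?"
)


def normalize_name(name: str) -> str:
    """PEP 503 style normalization: Example_YAML and example.yaml are the same project."""
    return re.sub(r"[-_.]+", "-", name).lower()


def parse_version(version: str) -> tuple:
    """Turn '1.4.2' into (1, 4, 2); pad to three parts so '1.4' compares as (1, 4, 0)."""
    parts = []
    for piece in version.split("."):
        match = re.match(r"\d+", piece)
        parts.append(int(match.group()) if match else 0)
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def parse_requirements(text: str) -> list:
    """Return (normalized_name, operator, version) for each requirement line."""
    requirements = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()       # drop trailing comments
        if not line or line.startswith("-"):      # blank line or pip option (-r, -e, ...)
            continue
        match = _REQ_RE.match(line)
        if not match:
            continue
        requirements.append(
            (normalize_name(match.group("name")), match.group("op"), match.group("ver"))
        )
    return requirements


def check_requirements(text: str, advisories=ADVISORIES) -> list:
    """Match every requirement against the advisory list and return findings."""
    by_package = {}
    for adv in advisories:
        by_package.setdefault(adv.package, []).append(adv)

    findings = []
    for name, op, ver in parse_requirements(text):
        advs = by_package.get(name, [])
        finding = {"package": name, "version": ver, "status": "ok",
                   "upgrade_to": None, "summary": None}
        if advs:
            # The highest fix version across all advisories is the safe upgrade target.
            target = max(advs, key=lambda a: parse_version(a.fixed)).fixed
            if op != "==" or ver is None:
                # Not pinned: the manifest does not tell us which version is installed.
                finding.update(status="unpinned", upgrade_to=target,
                               summary="pin to >= " + target + " and re-check")
            else:
                v = parse_version(ver)
                hits = [a for a in advs
                        if parse_version(a.introduced) <= v < parse_version(a.fixed)]
                if hits:
                    finding.update(status="vulnerable", upgrade_to=target,
                                   summary="; ".join(a.summary for a in hits))
        findings.append(finding)
    return findings


if __name__ == "__main__":
    for f in check_requirements(SAMPLE_REQUIREMENTS):
        line = f"{f['package']:14} {f['status']:10}"
        if f["upgrade_to"]:
            line += f" upgrade to {f['upgrade_to']} ({f['summary']})"
        print(line)
```

Running the script prints one line per requirement: `example-http` is flagged as vulnerable with an upgrade target of 1.4.2, `example-yaml` is reported as unpinned because `>=5.0` says nothing about what pip actually installed, and `requests` is reported as ok only because the constructed advisory list has no entry for it. A real scan replaces `ADVISORIES` with a maintained database and should also consider transitive dependencies, which a bare requirements.txt does not list.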
