SnykCon 2020 has ended
Back To Schedule
Thursday, October 22 • 18:55 - 19:25
Fixing the cost of fixing - the road to zero vulnerabilities

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
As applications become more complex and use ever more dependencies, vulnerabilities pose a growing risk and staying on top of them becomes a harder job. The average project has over 20 vulnerabilities when first imported into Snyk. Given that developers are owning more of the software development lifecycle than ever before, it’s no wonder than ~54% of organizations end up knowingly deploying vulnerable code into production.

Prevention isn’t enough, and while a leading database allows you to find and avoid many vulnerabilities, there’s a pressing need to reduce the backlog of vulnerabilities that either existed before you started scanning a project, or are later found in already deployed code.

To help development and security teams prevent and fix vulnerabilities in the most efficient way, security solutions must provide the following key ingredients:
  • Accurate, timely and comprehensive vulnerability intelligence/detection
  • Simple and easy-to-use interfaces 
  • Automated remediation workflows
This session will demonstrate how Snyk combines these three ingredients to help organizations reduce the effort and planning required to get, and stay, as close to zero vulnerabilities as possible. Snyk does this with automated PRs to keep dependencies up to date, fix newly found vulnerabilities, and address the backlog of vulnerabilities. 


Following this session, participants will have a deeper understanding of Snyk’s active remediation functionality. This will enable them to not only fix newly discovered vulnerabilities, but also reduce the backlog of vulnerabilities that most projects have. As well as this, they’ll know what they can do to stay up to date, helping them avoid deploying new vulnerabilities and simplifying future vulnerability fixes. 

All of this is possible in a developer focused way, that automates away the need for time-intensive planning required in order to manually track what has been fixed and what should be fixed next. It eliminates a large part of the developer effort required to raise pull requests, allowing the developers to review and apply changes in tools that they are already familiar with, and use daily.

avatar for Dan Mckean

Dan Mckean

Product Manager, Snyk
Product Manager at Snyk looking after teams concerned with freemium, user acquisition, user success and onboarding, and conversion to paid plans. As well as helping our users to be more successful with remediation. Talk to me about any of those things! 

Thursday October 22, 2020 18:55 - 19:25 BST
Product Track