DigitalOcean Used Snyk to Resolve a Critical Ruby Gem Vulnerability in a Single Day
DigitalOcean: Fixing a critical Ruby Gem vulnerability within a day of disclosure
After integrating Snyk into their development lifecycle, DigitalOcean was able to fix two vulnerabilities in Nokogiri within a day of being notified! Such a quick turnaround when monitoring for vulnerable dependencies would not have been possible without Snyk.
DigitalOcean, a cloud platform provider with offices in New York, NY, and Cambridge, MA, makes it simple for developers to build great software by offering transparent and affordable pricing, a simple and elegant user experience, a highly engaged developer community, and one of the most comprehensive libraries of open source resources in the world. Its development team delivers rapid feature development on multiple Rails applications and single-page web applications.
Before DigitalOcean integrated Snyk into their development lifecycle, keeping up to date with the latest dependencies and vulnerabilities was carried out by individual technical leads on each of their projects. DigitalOcean needed a timely and pragmatic response to vulnerabilities in their third-party dependencies.
How Snyk Helped
Snyk simplified the non-trivial task of scanning for vulnerabilities in DigitalOcean’s third-party libraries. By using this system, the DigitalOcean Application Security team is able to focus their efforts on scanning for vulnerabilities in the code and applications that are continuously produced by their development teams. Snyk makes it easier for the AppSec team to keep up-to-date with newly discovered vulnerabilities, and then resolve most issues quickly – with one click – with Snyk’s automated remediation system.
User Experience Matters
Snyk’s tools are built with the developer in mind and are designed to work seamlessly with existing tools and workflows.
In June 2017, DigitalOcean was notified by Snyk of two vulnerabilities in Nokogiri. Nokogiri is an HTML, XML, SAX, and Reader parser, which has the ability to search documents via XPath or CSS3 selectors.
Over the course of a single work day, DigitalOcean was able to upgrade multiple services and internal libraries to a newer and safer Nokogiri version, roll them out to its pre-production environments and then, following verification, to production.
Prior to using Snyk, the process of finding and fixing this type of vulnerability would have taken much longer, which meant that DigitalOcean was previously at risk of vulnerabilities being exploited for greater lengths of time. This is no longer the case.
Our mission is to help you use open source code and stay secure.
For more information about how you can leverage Snyk for your protection, drop us a line: firstname.lastname@example.org