“Snyk provides both static application security testing (SAST) and software component analysis (SCA) tests to help you find, fix and monitor security issues throughout the software development lifecycle”
Technology radar, Thoughtworks
I like the Technology Radar from Thoughtworks: a group of smart people using technology, creating a stack that they use, and recommending what others could consider.
I attended one such meeting in Munich where they presented it and I was hooked.
Ever since, I have kept an eye on it and asked my software teams to see what is relevant and consider it for their stack.
E.g., if you are a .NET developer, the current Technology Radar talks about the “.NET Minimal API”. More about it in a future post! If you are a Python developer, the current Technology Radar talks about Ruff as a linter, and so on.
I tested Snyk with my public GitHub repositories and the integration was smooth!
I like the way one can decide which accounts (private or organization) and repositories (public or private) one would like to import.
It reminded me of the Code Analysis feature in Visual Studio, but much cooler, especially when it keeps an eye on the numerous open source dependencies.
For those who are interested in giving it a run:
Open Source Security Management | SCA Tool | Snyk
And for those interested in the Technology Radar:
Technology Radar | An opinionated guide to today’s technology landscape | Thoughtworks