As software applications grow in scale and complexity, the surface area for security vulnerabilities and exploits grows with them.
Modern development practices include large amounts of code reuse: first, in the form of language-specific standard libraries such as the C++ STL, the Golang standard library, and Microsoft .NET; second, in the form of open-source libraries found on sites like GitHub. Much of this code is itself built on other libraries, introducing a web of dependencies into modern software.
This sheer amount of code makes it highly likely that security vulnerabilities are present. It's not possible to stay on top of vulnerabilities by manually checking all dependencies against CVE lists. Adding automated vulnerability scanning to CI/CD processes can help identify and mitigate security risks.
Bitbucket, Atlassian's code collaboration solution, has invested in a deeply embedded native integration with Snyk, the leading provider of security solutions for developers. This means no apps to install or configure. You can see details of security issues right within Bitbucket. Once you enable it, Snyk automatically checks your code and its dependencies and alerts you to vulnerabilities that are present so you can fix them before you deploy.
Snyk tracks four times more vulnerabilities than any other commercial database, and when new vulnerabilities are discovered, its database updates up to 46 days sooner than other databases.