Articles

Understanding the AI Bill of Rights: U.S. Framework for Ethical AI | Principles, Compliance, and Key Takeaways

Learn what the AI Bill of Rights is, why it matters, and how to align with its five core principles to build safer, fairer, and more accountable AI.

AI Security Guardrails with Snyk CLI MCP Server

Secure AI-generated code. Snyk CLI MCP Server integrates security into AI coding assistants via MCP for real-time scanning. Keep GenAI speed, add Snyk safety.

StarChat

Discover StarChat, a uniquely tailored internal AI assistant designed to streamline the process of writing StarLang code.

From Vision to Trust: How to Launch an AI Governance Program

Unlock safe AI innovation! Learn how Snyk built its AI governance program from vision to execution, ensuring trust, managing risk, and empowering teams to build securely and responsibly.

DevSecOps Overview

DevSecOps refers to the integration of security practices into a DevOps software delivery model. Its foundation is a culture where development and operations are enabled through process and tooling to take part in a shared responsibility for delivering secure software.

5 Best Practices for Building MCP Servers

Building MCP Servers has become a mainstream gateway to externalize product capabilities to AI applications and AI-driven workflows. Here are 5 best practices for building MCP Servers.

Understanding Prompt Injection: Techniques, Challenges, and Risks

A prompt injection attack is a GenAI security threat where an attacker deliberately crafts and inputs deceptive text into a large language model (LLM) to manipulate its outputs.

From Slack Threads to Structured Knowledge: Implementing RAG at Snyk

Snyk converts Slack conversations into structured knowledge using RAG. Learn how focusing on Q&A and Gemini API extracts valuable insights for a smarter internal knowledge base.

The Role and Impact of AI in Endpoint Security

Discover AI's transformative impact on endpoint security. Learn how AI enhances threat detection, incident response, and tools like EDR/XDR for robust cybersecurity in the evolving threat landscape.

Navigating AI for Source Code Analysis

Explore AI's role in source code analysis—from detecting bugs and vulnerabilities to optimizing performance. Understand how to use AI tools responsibly for secure and efficient software development.

How To Get Started with AI Compliance and Why It Matters

Master AI compliance! Learn what it is, why it matters, and how to get started with frameworks and best practices to manage risk, security, and trust in AI systems.

9 MCP Projects for AI Power Users

Explore 9 Model Context Protocol (MCP) projects that transform LLMs into versatile collaborators for power users looking to supercharge their AI workflow.

6 MCP Servers for Using AI to Generate 3D Models

Explore six MCP servers specifically designed for 3D modeling applications, spanning everything from professional architectural tools to open source modelers and 3D printing platforms.

Five Ways Shadow AI Threatens Your Organization

Uncover 5 ways Shadow AI threatens your organization's data, compliance, and security. Learn how to gain control and protect your business from hidden AI risks.

What is AI jailbreaking? Strategies to Mitigate LLM Jailbreaking

LLM Jailbreaking happens when adversarial prompts force unintended actions. Discover the best strategies to mitigate and defend against jailbreaking in GenAI models.

What is AI chip design, and how does it work?

AI chip design automates tasks, boosting engineering productivity and enhancing chip quality outcomes.

What If Everybody Can Code?

AI empowers citizen developers to code, posing new security & Shadow IT challenges. Explore how organizations can securely support widespread coding in this evolving landscape.

MCP Security – What's Old is New Again

MCP security faces old and new threats like injection attacks, supply chain risks, and AI-specific dangers like tool poisoning. Learn to mitigate risks to malicious, vulnerable, and insecure MCP servers.

Ensuring PCI DSS Compliance: The Role of SAST, DAST, and API Security Testing

Achieve PCI DSS compliance with best practices and tools like Snyk API & Web or Snyk Learn. Secure payment data and build trust while simplifying audits and testing.

Decoding CVEs: A practical guide to assessing and mitigating security risks

Let's explore the world of Common Vulnerabilities and Exposures (CVEs) with step-by-step examples of evaluating if a CVE impacts your project and pragmatic strategies for effective mitigation. This guide will empower you to tackle security vulnerabilities head-on. Don't let CVE warnings go unnoticed — learn how to address them confidently and efficiently.