This advisory details a PHAR deserialization vulnerability in SuiteCRM that an authenticated administrator could leverage to execute commands on the underlying operating system.
In a recent npm security research activity, Snyk uncovered a total of 8 npm packages that matched a specific malicious code attack vector.
Snyk Open Source support for GitHub Security Code Scanning lets you automatically scan your open source dependencies for security vulnerabilities and license issues, as well as view results directly from within GitHub’s Security tab.
Snyk API Wednesdays
Welcome to Snyk API Wednesdays! This is our newest blog series that highlights the different ways the Snyk API is leveraged by our customers. Snyk’s extensibility and API enable developers to tune Snyk’s security automation to their specific workflows, ensuring both developer experience and consistent platform governance.
As organizations continue to rely on software for core business processes, application security (AppSec) is an ever-critical consideration.
During our roundtable discussion with Intuit, we tackled the question, "How can we make security appealing to developers?"
The future of code security depends on SAST tools that are fast, accurate, and developer-first. Additionally, they need to offer recommended fixes for vulnerabilities, putting security expertise in the developer toolkit.
Snyk is celebrating our 4-year partnership with Atlassian at Atlassian Team ’21 with a big announcement.
Snyk Infrastructure as Code beta helps you perform Terraform plan analysis for security vulnerabilities before applying your changes.
the Snyk Maven plugin so you can now scan your application for security vulnerabilities in third-party libraries as part of your build cycle—putting security expertise in the hands of developers.
Code Dx 5.3 now includes a connector with Snyk, giving customers visibility to open source dependencies, license issues, and container vulnerability management.