Accelerating the Snyk infrastructure as code vision with the addition of CloudSkiff
We are thrilled to welcome the team at CloudSkiff to Snyk! Learn why we’re excited about the addition of this fantastic group of people to Snyk, and our plans for the future of Snyk Infrastructure as Code (Snyk IaC), as well as our commitment to keeping driftctl open source.
Editor's Picks
Subscribe to our newsletter for all the latest news and resources.
Java JSON deserialization problems with the Jackson ObjectMapper
Learn how Jackson ObjectMapper deserialization vulnerabilities work and how to make sure you are not affected by them.
Snyk achieves AWS Security Competency status
We are very excited to announce that Snyk has achieved AWS Security Competency status, further validating our commitment to security excellence in partnering with AWS! Tested and Trusted by AWS AWS Competency Programs, such as the AWS Security Competency, validate that partners like Snyk have demonstrated technical proficiency and proven customer success in areas like
Securing your open source dependencies with the Snyk Visual Studio Code extension
We’re pleased to announce new functionality within the Snyk Visual Studio Code extension, making it easier for developers to find and fix vulnerabilities and license issues in their open source dependencies!
Learn about the Snyk API
Read about some of the different ways the Snyk API is leveraged by our customers. Snyk's extensibility and API enable developers to tune Snyk's security automation to their specific workflows, ensuring both developer experience and consistent platform governance.
Snyk Career Stories: Starting and growing your career through the Snyk SDR program
At Snyk, we are deeply invested in career progression and offer our teams tools, skills, and development opportunities necessary to enable our Snykers to become future leaders. One of the places we’ve seen our values in action is through our Snyk SDR program.
Developing custom IaC rules with Snyk
In an increasingly cloud native world, infrastructure as code (IaC) is often the first point of entry into an application. And with technologies such as Kubernetes and Terraform becoming increasingly popular, most app developers will update at least one Kubernetes or Terraform resource at one point in their career. But while updating and maintaining infrastructure
How to prevent Trojan Source attacks with Snyk Code
Earlier this month, a group of researchers at the University of Cambridge published an academic paper, with an accompanying website, on a new type of potential vulnerability that could appear in source code. They called it Trojan Source. The basic idea of the vulnerability is the use of unicode characters within code, while adding nice
Announcing automated fixes for vulnerabilities in .NET dependencies
We’re pleased to announce improved support for .NET applications in Snyk Open Source, allowing developers to fix vulnerabilities in .NET dependencies with the help of actionable advice and automated pull requests!
Proactively fixing vulnerabilities to maintain Java security and project hygiene with Snyk
In this post, we'll see how to maintain the health and hygiene of projects and repositories we are no longer working on, with a focus on Java security.
AppSec during hypergrowth: Empower your developers to overcome the tech talent shortage
Hypergrowth companies face a number of challenges related to development and application security. Read on to learn how to overcome them by empowering developers.
Best practices for containerizing Python applications with Docker
In this post, we’ll attend to those concerns and take a look at some 6 best practices when containerizing Python applications with Docker.
Scanning ARM templates for misconfigurations with the Snyk CLI
Given the massive demand for and popularity of Azure Resource Manager (ARM), we are excited to announce you can now use Snyk Infrastructure as Code to scan ARM JSON files against our comprehensive set of security rules in the Snyk CLI.