Blog Archive

Open Source Security

Comparing React and Angular secure coding practices

October 30, 2019

Application Security

2019 side-by-side comparison of Angular and React security vulnerabilities

October 30, 2019

Open Source Security

A Snyk peek into Node.js and npm’s state of open source security report 2019

October 9, 2019

Vulnerability Insights

Why npm lockfiles can be a security blindspot for injecting malicious modules

September 24, 2019

Open Source Security

10 Java security best practices

September 17, 2019

Vulnerability Insights

Sequelize ORM npm library found vulnerable to SQL Injection attacks

September 11, 2019

Open Source Security

Automating open source security scanning with Snyk and CircleCI

August 16, 2019

Open Source Security

Staying ahead of security vulnerabilities with security patches

July 31, 2019

Open Source Security

Fix open source vulnerabilities directly from your Eclipse IDE

July 25, 2019

Open Source Security

How to increase Serverless observability, monitoring and security

July 15, 2019

Vulnerability Insights

Concerns of supply-chain attacks amplify as remote code execution was found in Ruby gem strong_password

July 7, 2019

Vulnerability Insights

Snyk research team discovers severe prototype pollution security vulnerabilities affecting all versions of lodash

July 5, 2019

Open Source Security

Serverless is great, but what about the security of my AWS Lambda functions and their dependencies?

July 3, 2019

DevSecOps

Best practices for secrets management in serverless applications

June 13, 2019

Application Security

npm passes the 1 millionth package milestone! What can we learn?

June 4, 2019

DevSecOps

10 Serverless security best practices

May 31, 2019

Application Security

Scoring security vulnerabilities 101: Introducing CVSS for CVEs

May 16, 2019

Vulnerability Insights

CRLF injection found in popular Python dependency, urllib3

May 15, 2019

Vulnerability Insights

A Denial of Service vulnerability discovered in the Axios JavaScript package - affecting all versions of the popular HTTP client

May 6, 2019

Open Source Security

How much do we really know about how packages behave on the npm registry?

April 22, 2019

Vulnerability Insights

After three years of silence, a new jQuery prototype pollution vulnerability emerges once again

April 15, 2019

Vulnerability Insights

Malicious remote code execution backdoor discovered in the popular bootstrap-sass Ruby gem

April 4, 2019

Application Security

Introducing experimental integrity policies to Node.js

March 21, 2019

Open Source Security

88% increase in application library vulnerabilities over two years

February 26, 2019