Code SecurityNew years resolution: Don’t show my security tokens when hacking my demo application on stageJanuary 12, 2022
Vulnerability InsightsURL confusion vulnerabilities in the wild: Exploring parser inconsistenciesJanuary 10, 2022
Vulnerability InsightsOpen source maintainer pulls the plug on npm packages colors and faker, now what?January 9, 2022
Vulnerability InsightsFTC highlights the importance of securing Log4j and software supply chainJanuary 7, 2022
Vulnerability InsightsCTF secrets revealed: TopLang challenge from SnykCon 2021 explainedJanuary 6, 2022
IaC SecurityChecking Terraform IaC security in CI/CD with Regula and Bitbucket Pipelines [Tutorial]December 29, 2021
Vulnerability InsightsNew Log4j 2.17.1 fixes CVE-2021-44832 remote code execution (but it’s not as bad as it sounds)December 29, 2021
Open Source SecurityIt takes a community: Responding to open source criticism post-Log4ShellDecember 24, 2021
IaC SecuritySnyk IaC in 2021: Leading infrastructure as code security for developersDecember 22, 2021
Container SecuritySnyk Container in 2021: Shifting container security all the way leftDecember 22, 2021
Vulnerability InsightsSnyk makes it easier to fix Log4Shell with extended free scansDecember 21, 2021
Vulnerability InsightsLog4j 2.16 High Severity Vulnerability (CVE-2021-45105) DiscoveredDecember 18, 2021
Vulnerability InsightsFind Log4Shell vulnerabilities in your unmanaged and shaded jars with the Snyk CLIDecember 18, 2021
Vulnerability InsightsLog4j 2.15 vulnerability CVE-2021-45046 upgraded to a critical severity arbitrary code executionDecember 17, 2021
