Blog Archive

Application Security

Threat modelling For Node.js applications

August 31, 2016

Engineering

Using ES2015 Proxy for fun and profit

August 23, 2016

Open Source Security

What DevOps and Open Source Security have in common

August 16, 2016

Engineering

Engineering is somewhat like basketball

August 4, 2016

Open Source Security

Enriching bitHound with Snyk

July 27, 2016

DevSecOps

HTTPS Adoption *doubled* this year

July 20, 2016

Application Security

4 steps to address vulnerable dependencies

July 7, 2016

Open Source Security

Out of Beta, plus exciting new features

June 22, 2016

Engineering

The 5 dimensions of an npm dependency

June 16, 2016

Vulnerability Insights

Fixing SQL Injection: ORM is not enough

June 8, 2016

Open Source Security

5 ways to get Node.js vulnerability alerts

June 2, 2016

Vulnerability Insights

Fixing `marked` XSS vulnerability

May 15, 2016

Engineering

Architecting a Serverless web application in AWS

May 9, 2016

Vulnerability Insights

Mitigating ImageMagick vulnerabilities in Node.js

May 6, 2016

Open Source Security

Free vulnerability testing and monitoring for public GitHub projects

April 20, 2016

Vulnerability Insights

Exploiting Buffer

April 5, 2016

Vulnerability Insights

How to prevent malicious packages

March 27, 2016

Code Security

Tackling the new npm@3 dependency tree

February 25, 2016

Vulnerability Insights

Using Node.js event loop for timing attacks

February 16, 2016

Open Source Security

Keeping your open source credentials closed

December 14, 2015

Application Security

Launching Snyk

December 3, 2015

Engineering

A CEO's guide to Emacs

November 11, 2015

DevSecOps

10 Reasons To Use HTTPS

July 10, 2015

Engineering

Immutable infrastructure: Networks

April 17, 2015