Want to impress your boss with your security knowledge? Stay up to date by learning why application security is important and how you can improve.
Simon Maple (VP of Developer Relations & Community at Snyk) and Chaim Mazal (VP, Information Security at ActiveCampaign) discuss the changing application security landscape and the impact it has had on ActiveCampaign.
Learn how to use the Snyk Vulnerability Scanner plugin for IntelliJ IDEA to make it easy to find and fix Java security issues earlier in the development process.
We’re pleased to announce our new plugin for JetBrains IDEs, making it easier for developers to find and fix security issues as they code! Snyk’s new free JetBrains IDE plugin enables developers using IntelliJ IDEA and WebStorm to easily find and fix known vulnerabilities in their open source dependencies as well as any security issues […]
Buying security tooling is easy, but changing company culture is hard. Learn how Shutterstock was able to adopt a security mindset from the ground up.
YAML files are often used to configure applications, application servers, or clusters. It is a very common format in Spring Boot applications and, of course, to configure Kubernetes. However, similarly to JSON and XML, you can use YAML to serialize and deserialize data. Although YAML looks like an excellent alternative to XML and JSON, many […]
SQL injection is one of the most dangerous vulnerabilities for online applications. It occurs when a user adds untrusted data to a database query, for instance when filling in a web form. If SQL injection is possible, smart attackers can create user input to steal valuable data, bypass authentication, or corrupt the records in your […]
The Spring MVC framework is a well-known Java framework for building interactive web applications. It implements the Model-View-Controller architecture pattern to separate the different aspects of your application. Separating the different logic elements like representation logic, input logic, and business logic is generally considered good architectural practice. This separation of concerns, when implemented correctly, provides […]
This article is part 3 of Snyk API Wednesdays – our new blog series covering different Snyk API use cases and customer stories. Part 1 covered the Snyk-Watcher by Twilio, and part 2 covered a new integration with Opsgenie using custom webhooks. Monitoring the vulnerabilities identified across your different applications plays a key role in […]
The recent SolarWinds breach highlights a new paradigm in the Software Supply Chain. When compared simply to the code itself without any additional tools, Proprietary Code is no more secure than Open Source. By contrast, many would argue that Open Source Code is more secure due to a faster fix/patch/update cycle and the pervasive access […]
Software supply chain security concerns are more prevalent than ever. The U.S. Pentagon, Department of State, Department of Homeland Security, Microsoft, FireEye – this is just a partial list of the government agencies and companies hacked as a result of the attack on SolarWinds’ proprietary software – the Orion network monitoring program. The scope of […]