Application Security

Want to impress your boss with your security knowledge? Stay up to date by learning why application security is important and how you can improve.

SnykCon Day One wrap-up: Snyk Code, carbon neutrality & session highlights

Day One of SnykCon 2020 is in the books. In this post, we’re bringing you a recap of all the news fit to print, plus a peek into some of the eye-opening sessions we heard today. Have a read and join us for Day Two tomorrow. Snyk Code, developer-first SAST, extends Snyk Platform Today, we […]

October 21, 2020

Announcing developer-first SAST with Snyk Code

Snyk announced our forthcoming product, Snyk Code, our new developer-first SAST offering, expanding our cloud native application security platform.

October 21, 2020

SourMint: iOS remote code execution, Android findings, and community response

As part of this ongoing effort, Snyk has leveraged new information to conduct additional research into the Mintegral SDK. As a result of this research, additional findings have been uncovered.

October 15, 2020

Enabling application security management at scale

We’re pleased to announce the release of our advanced, developer-first project management capabilities, helping organizations manage application security at scale!

September 30, 2020

How to scale successfully with Snyk’s Project Attributes and Tags

Growth is a great feeling! Whether we’re talking about plants in the garden, dough rising, or increasing the number of developers and teams that are building applications and services in your organization—you can’t help but love seeing things grow.  However, growing without the right tools to support your scaling needs can open you up to […]

September 30, 2020

7 tips for prioritizing container and web application vulnerabilities

Since fixing each and every web application vulnerability in your backlog is simply impossible, you have to prioritize. Prioritization helps you focus on the issues that matter most to your organization and thus enables you to make the most out of the limited time and resources at your disposal for the best security impact.  Where […]

September 22, 2020

SourMint: malicious code, ad fraud, and data leak in iOS

The Snyk research team has uncovered malicious behavior in a popular Advertising SDK used by over 1,200 apps in the AppStore which represent over 300 Million downloads per month, based on industry expert estimates.

August 24, 2020

New ESG research points out key application security trends

“Shift left” has become the holy grail for security teams today but organizations are still struggling to successfully implement some of the key application security processes that shifting security left entails.  A new study on application security trends in 2020 sponsored by Snyk and conducted by Enterprise Strategy Group (ESG) has found that while developers […]

August 19, 2020

Reachable vulnerabilities: how to effectively prioritize open source security

A common problem our clients report is being overwhelmed by vulnerabilities.  For small projects, you might end up depending on dozens, or even hundreds of open source libraries. For large enterprise applications, it might feel like your dependencies include half of the ecosystem. The proliferation of third-party dependencies leads to the proliferation of vulnerabilities associated […]

August 18, 2020

Announcing Snyk’s developer-first Infrastructure as Code security capabilities

We’re thrilled to announce the launch of our developer-first Infrastructure as Code security capabilities, enabling developers to find and fix misconfigurations that can lead to security problems.  With the rise in popularity of technologies such as Docker, Kubernetes, and Terraform, developers are writing and maintaining more and more configuration in addition to building the application […]

August 17, 2020

Java dependency management: how many lines of code does my application hold?

A few weeks ago I had the opportunity to give a presentation for the Dutch Java Conference JSpring. The talk was about Java dependency management.  During this talk, I created a simple Spring Boot application and determined the number of lines my java dependencies brought in versus the number of lines I wrote myself. This […]

August 12, 2020