Application Security

Want to impress your boss with your security knowledge? Stay up to date by learning why application security is important and how you can improve.

RSA 2020: who we met and what we learned

Coming out of a busy week at RSA 2020, one of the best aspects of attending was the chance to meet with so many passionate customers and fans of Snyk and listen to their feedback. What was clear this year was a growing excitement around Snyk’s accomplishments — a palpable sense of momentum for our […]

March 2, 2020

Automating remediation for vulnerabilities in Python dependencies using Snyk

We’re pleased to announce improved support for Python in Snyk Open Source, allowing developers to remediate vulnerabilities in dependencies with the help of automated fix pull requests! The Python Packaging Index (PyPI) had more than 14 billion downloads during 2018, a staggering number by any account (because of a mid-year error in the PyPI statistics […]

February 26, 2020

Security breach leaks the personal data of all 6.5 million Israeli voters

On February 7th, 2020 I received an anonymous tip through the “leak inbox” of the Israeli CyberCyber podcast.

February 12, 2020

How can a Content Security Policy prevent XSS and other vulnerabilities?

Keeping code safe in the era of cybercrime is no small feat, and many age-old tactics remain just as effective today as they were 20 years ago. When it comes to web hacking, modern browsers have made significant strides in security. Things like a content security policy can prevent many of the oldest tricks that […]

February 9, 2020

Find and fix vulnerabilities in Artifactory container repositories

We’re excited to share that you can now scan container images stored in JFrog Artifactory with Snyk Container. Snyk Container helps you find and fix vulnerabilities in your container images and integrates with Artifactory as a container registry to enable you to import your projects and monitor your containers for vulnerabilities, as is fully described […]

February 7, 2020

Is LocalStorage safe to use?

Local storage has caught the attention of developers as a lightweight solution for data storage that doesn’t involve databases or even the server. That’s neat, but is it always a good idea to use it? Here are a few thoughts from the folks at Snyk.

January 30, 2020

The cost of a security breach

Back in 2017, the Atlanta-based credit monitoring company Equifax was hacked. Equifax had been using an outdated version of the Java Apache Struts library in their system, making it possible to infiltrate their system through a known vulnerability. As a result of this breach, the company exposed the personal details of 143 million Americans. Recently […]

January 22, 2020

Understanding filesystem takeover vulnerabilities in npm JavaScript package manager

On the 11th of December, 2019, a security vulnerability which extends to all major JavaScript package managers (npm, yarn and pnpm) was publicly disclosed. This vulnerability, discovered by security researcher Daniel Ruf, allows malicious actors to apply varied tactics of arbitrary file overwrites. In this article: How do Node.js command line packages work? How does […]

January 7, 2020

Building security into your Azure DevOps Pipeline

Azure Pipelines allows users to focus more time on writing their applications by making it easy to automate their builds, tests, and deployments. Specifically, Tasks for Azure Pipelines enables users to customize and automate an Azure Pipelines CI/CD workflow with a group of ready-to-use tasks that can be inserted into pipelines from the Azure Pipelines […]

December 16, 2019

Snyk Unifies Open Source and Container Security for Coveo

It’s an exciting time for our team with the recent launch of Snyk Container and just coming back from KubeCon. The best validation though comes when users and customers find Snyk’s products valuable to their business. Coveo, which uses artificial intelligence technology to personalize millions of digital experiences, started using Snyk for license management last […]

November 22, 2019

What’s so wild about exploits in the wild – and how can we prioritize accordingly?

How exploits in the wild translate into greater risk, how we can evaluate that risk, and how to prioritize and quickly handle your vulnerabilities accordingly.

November 21, 2019