An analysis of how and why all versions of the csurf npm package are vulnerable to CSRF token bypass.
Liran Tal discusses real-world incidents that demonstrate how even the mightiest of open source projects can be defeated. He also addresses the continuous struggles of open source software sustainability, maintainer burnout, and how these things affect the greater developer community.
Hack The Box (HTB) is a platform that gamifies cybersecurity training. In this article, we'll discuss how Snyk can help you solve Hack The Box and other CTF challenges.
We are excited to share that now, when using the snyk container test/monitor commands, we will scan for application vulnerabilities by default.
In this post, we'll take a look at different ways to approach Python dependency management, and briefly explore dependency security.
Learn more about the software supply chain security requirements in President Biden's Executive Order on Improving the Nation’s Cybersecurity and how Snyk can satisfy them.
the Snyk Maven plugin so you can now scan your application for security vulnerabilities in third-party libraries as part of your build cycle—putting security expertise in the hands of developers.
Code Dx 5.3 now includes a connector with Snyk, giving customers visibility to open source dependencies, license issues, and container vulnerability management.
In this installment of our cheatsheet series, we’re going to cover eight Go security best practices for Go developers. The Go language incorporates many built-in features that promote safer development practices—compared to older and lower-level languages like C—such as memory garbage collection and strongly-typed pointers. These features help developers avoid bugs that can lead to