Learn more about new features and Snyk product announcements.
View a complete picture of the open issues across your application, covering vulnerabilities from open source libraries and container images, licenses, and now configuration issues from your Kubernetes and Terraform files.
We’re excited to share that you can now scan container images stored in Red Hat’s Quay container registry and their hosted Quay.io service with Snyk Container. Snyk Container helps you find and fix vulnerabilities in your container images and integrates with Quay as a container registry to enable you to import your projects and monitor […]
Snyk Container offers support for scanning container images stored in the popular open source container registry, Harbor. Learn how to use it to keep your containers safe.
Snyk Code provides the ability to ignore suggestions. Learn about our take on this functionality using intermediate representation. We think you'll like it.
Integration with your source code managers and issuing pull requests to fix issues has been part of Snyk’s success in helping our customers fix application dependencies for several years. Now, we want to help you address container security in a similar way. We’re happy to share that we are extending Snyk Container by helping you […]
Have you shifted left, yet? That’s the big trend, isn’t it? It’s meant to signal a movement of security responsibilities, moving from central IT teams over to developers, but that’s trickier than it sounds. Simply taking tools that are intended for use by security experts and making them run earlier in the supply chain does […]
One of our missions at Snyk is a simple one: help developers fix things easily. We further our mission by releasing features and improvements as quickly as possible, but it’s also just as important that developers have an experience which helps them gain as much value from Snyk as possible. This includes being able to […]
Welcome to Snyk API Wednesdays! This is our newest blog series that highlights the different ways the Snyk API is leveraged by our customers. Snyk’s extensibility and API enable developers to tune Snyk’s security automation to their specific workflows, ensuring both developer experience and consistent platform governance. We’re proud to start the series with a […]
At Snyk, we strongly believe in empowering developers to take ownership of security. Developers are the builders of today and ultimately hold the keys to successfully securing their code. Only a developer-first approach, one that combines developer-friendly tooling together with guidance by security, can help organizations traverse the path to better-secured applications. We are continuously […]
Imagine you are a Java programmer and that you just decided you want to use Snyk Open Source scanning to help you find security problems in your third party libraries. Good call! However, after connecting your repository to the Snyk Open Source scanner, you find out that you have ten or maybe even 50 vulnerabilities […]
Back in July, the Snyk security team was alerted about a potential security issue in the JWT package. This package provides a Go implementation of JSON web tokens and the issue that was discovered related to a function called VerifyAudience that was not working as expected. The function allowed passing a double quotes (“”) value […]