security industry

Snyk Closes $200M to Modernize Security Industry

On behalf of the entire Snyk family, I’m humbled to announce that today marks the closing of our latest funding round—an investment of $200 million led by Addition, a firm focused on supporting visionary entrepreneurs.

September 9, 2020
PyCharm plugin

Helping Python developers shift security left with a new PyCharm plugin

We’re happy to announce Snyk’s brand new PyCharm plugin, helping Python developers find and fix security and license issues in their open source dependencies as early as their first lines of code! Tackling vulnerabilities within the IDE is an important part of shifting security left and enabling developers to take on more responsibility for security … Continued

September 8, 2020
Red Hat CodeReady Dependency Analytics

Looking at the Snyk integration with Red Hat CodeReady Dependency Analytics

This new article, published on Red Hat Developer, looks at how the newest release of CodeReady Dependency Analytics helps you detect, identify, and fix security vulnerabilities in your code through the Snyk integration. Red Hat CodeReady Dependency Analytics is a hosted service on OpenShift that provides vulnerability and compliance analysis for your applications, directly from … Continued

September 3, 2020
SnykCon 2020

Why your team should attend SnykCon 2020

In 2020, meeting and engaging with others is more important than ever before. That’s why this fall we’re introducing SnykCon, a conference to bring the DevSecOps community together for 2 days of sharing, learning, and fun. Need a few great reasons to send your team? Read on! 1. Learn a new approach to securing software … Continued

September 2, 2020
Software Composition Analysis

New Gartner Market Guide highlights the importance of Software Composition Analysis (SCA)

The 2020 Gartner Market Guide for Software Composition Analysis (SCA) has been published, highlighting the growing importance of open source software security, and outlining recommendations for effective risk management and mitigation. According to the guide, more than 90% of organizations rely on open source software. There are multiple benefits explaining this reliance, but first and … Continued

September 1, 2020
open source development risks

Snyk & Trend Micro deepen collaboration with a new solution for solving open source development risks

We’re thrilled to deepen our collaboration with our long-standing partner Trend Micro, a global cloud security leader, to co-develop a first-of-its-kind solution that will help security teams manage the risk of open source vulnerabilities. The next phase of our collaboration with Trend Micro builds on the already highly successful partnership centered on Snyk Intel, our … Continued

August 27, 2020
security testing

Enhancing security testing for Go projects using DepGraphs

We’re happy to announce the vastly improved performance of security testing for Go projects via the Snyk CLI, in some cases improving scan time by more than 90%! This improvement—soon to be introduced in additional languages—was made possible by changes applied to our scanning method that enable Snyk to handle huge projects, even ones the … Continued

August 26, 2020
malicious code, ad fraud

SourMint: malicious code, ad fraud, and data leak in iOS

The Snyk research team has uncovered malicious behavior in a popular Advertising SDK used by over 1,200 apps in the App Store, which represent over 300 million downloads per month, based on industry expert estimates.

August 24, 2020
prototype pollution

Prototype pollution in express-fileupload

Welcome to the Snyk Monthly Vulnerability Profile. In this series, Snyk looks back on the vulnerabilities discovered by or reported to our Security Research Team. We choose one noteworthy vulnerability from the past month and tell the story behind the discovery, research, and disclosure of the vulnerability. We highlight the researchers, developers, and users who … Continued

August 24, 2020
application security trends

New ESG research points out key application security trends

“Shift left” has become the holy grail for security teams today, but organizations are still struggling to successfully implement some of the key application security processes that shifting security left entails. A new study on application security trends in 2020 sponsored by Snyk and conducted by Enterprise Strategy Group (ESG) has found that while developers … Continued

August 19, 2020