Skip to main content
Headshot of Liran Tal

Liran Tal

Director of Developer Relations, Snyk

Award-winning software developer, security researcher, and open source champion in the JavaScript community. His contributions to developer security education include leading OWASP projects, building supply chain security tools, participation in CNCF and OpenSSF initiatives, and authoring books such as O'Reilly's Serverless Security.

Showing 169 - 180 of 190 records

Blog

Scoring security vulnerabilities 101: Introducing CVSS for CVEs

May 16, 2019

Blog

A Denial of Service vulnerability discovered in the Axios JavaScript package - affecting all versions of the popular HTTP client

May 6, 2019

Blog

190,000 users affected by Docker Hub’s security breach. Now what?

April 29, 2019

How much do you really know about the npm package registry
Blog

How much do we really know about how packages behave on the npm registry?

April 22, 2019

Blog

After three years of silence, a new jQuery prototype pollution vulnerability emerges once again

April 15, 2019

Blog

Malicious remote code execution backdoor discovered in the popular bootstrap-sass Ruby gem

April 4, 2019

Blog

Introducing experimental integrity policies to Node.js

March 21, 2019

Blog

What is package lock json and how a lockfile works for yarn and npm packages?

March 14, 2019

Blog

78% of vulnerabilities are found in indirect dependencies, making remediation complex

February 26, 2019

Blog

88% increase in application library vulnerabilities over two years

February 26, 2019

Blog

Open source maintainers want to be secure, but 70% lack skills

February 26, 2019

Blog

ReDoS vulnerabilities in npm spikes by 143% and XSS continues to grow

February 26, 2019

Page 1Page 12Page 13Page 1415Page 16