Articles

What is CI/CD? CI/CD pipeline and tools explained

Learn more about CI/CD continuous integration and continuous delivery, CI/CD pipeline, and framework. CI/CD as the foundation for DevSecOps.

Node.js licensing and security considerations

With the Node.js runtime environment becoming more popular, it's important to know about Node.js licensing and security risks for your web applications.

Copyleft: The rise of open-source software licensing

Learn more about most popular copyleft licenses, terms, conditions, difference of copyleft vs copyright. Find out what’s best for your team.

Worum handelt es sich bei der AGPL-Lizenz? Antworten auf die häufigsten Fragen

Erfahren Sie mehr über die AGPL-Lizenz wie ihre Vorteile, Bedingungen, Eignung zur kommerziellen Nutzung und weitere Aspekte. Finden Sie heraus, ob die verschiedenen Lizenzformen (AGPL 3, LGPL 3 oder GPL 3) für Ihr Projekt geeignet sind.

GNU General Public License: GPLv3 explained

Learn everything you need to know about GPL License: new clauses, the difference between GPLv2 and GPLv3, terms and conditions and more.

Kubernetes-Sicherheit: Herausforderungen und Best Practices

Ist Kubernetes sicher? Wir stellen Sicherheitsprobleme bei Kubernetes im Kontext einer cloudnativen Security vor und geben Ihnen Tipps, wie Sie Ihre K8-Deployments schützen können.

Was ist eine Softwarelizenz?

Was ist eine Softwarelizenz? Erfahren Sie mehr über Softwarelizenzen und welche Verantwortung, Compliance-Anforderungen und Einschränkungen damit einhergehen.

Open-Source-Lizenzen: Typen und Gegenüberstellung

Open-Source-Lizenzen dienen dem Schutz von Software-Urheber und -Nutzer gleichermaßen, kommen dabei aber in diversen Modellen und Varianten daher. Hier erfahren Sie, wie Sie in diesem Kontext den Überblick behalten.

Malicious Code Explained

What is malicious code? Learn more about malicious code and how it impacts application users and developers.

Der Secure Software Development Lifecycle (SSDLC)

Learn more about Secure Software Development Lifecycle (SSDLC), and how to integrate security at every stage of the SDLC to enhance software integrity and protect against vulnerabilities.

JavaScript-Sicherheit

Erfahren Sie mehr über die JavaScript-Sicherheit und wie Sie die häufigsten JavaScript-Schwachstellen wirksam schließen.

How to Detect and Prevent Configuration Drift

Learn about methods of detection and prevention that are effective in managing configuration drift.

How to find security vulnerabilities in source code

Learn tactical guidance for discovering and remediating source code vulnerabilities and the benefits of a SAST tool like Snyk Code.

Working With AWS Security Tools - Snyk

Learn how AWS’s built-in account security tools and Snyk’s application and service security tools work together to secure your entire AWS ecosystem.

5 DevOps pipeline best practices

Learn more about DevOps pipeline best practices including continuous integration, continuous delivery (CI/CD), automation, and observability.

What is Data Security Posture Management (DSPM)?

Data security posture management (DSPM) is the practice of using automation and management tools to secure data at cloud scale. Learn why your company needs it.

Best Practices for Cybersecurity Audits

Is your business ready for its next cybersecurity audit? Discover the benefits and challenges of the auditing process, plus tips to help you prepare.

Mobile Application Security Testing (MAST) - Challenges & Tools

Mobile application security testing (MAST) is a vital element of mobile app security. Here’s how it works, plus tips for MAST tools and best practices.

Android Application Security - Securing Android Apps for Developers

Risk-Based Vulnerability Management (RBVM): What is it & how to implement

Risk-based vulnerability management (RBVM) is a relatively new AppSec practice that empowers organizations to see their risk in context and prioritize the most critical fixes.