Ressourcen

AI Attacks and Adversarial AI in Machine Learning

Bad actors can alter machine learning systems through adversarial AI attacks. Learn about common attack types and how to safeguard your systems here.

Achieving Security Coverage and Control Over Application Risk

Stop reacting to vulnerabilities. Build proactive application security with universal asset visibility, smart policies, and risk-based prioritization. Secure your SDLC.

OWASP Top 10 Code Vulnerabilities and How SAST Can Stop Them

Discover the OWASP Top 10 vulnerabilities and how SAST tools like Snyk Code empower developers to detect and fix them early in the development lifecycle.

Navigating the Challenges of GenAI Adoption for Modern AppSec Teams

With an increase in GenAI adoption, AppSec teams face challenges. Learn what challenges AppSec teams are facing and how they can address risks with Snyk.

14 MCP Servers for UI/UX Engineers

As LLMs' capabilities continue to expand through Anthropic’s Model Context Protocol (MCP), UI/UX engineers have access to a growing ecosystem of specialized tools that can significantly enhance their workflows. This article explores 14 open-source MCP servers for UI/UX professionals.

The Risks and Impact of Data Leakage: Data Leakage Causes and Prevention

Knowing the risks and impact of data leakage can help protect your organization. Learn more about data leakage, its causes, and how to prevent it here.

What is LLMjacking? How AI Attacks Exploit Stolen Cloud Credentials

Attackers can exploit cloud LLMs through stolen credentials. Learn more about LLMjacking and how to protect your organization here.

What is MCP in AI? Everything you wanted to ask

MCP (Model Context Protocol) is Anthropic’s specification for how LLMs (large language models) would communicate, share data, and leverage external resources beyond the model’s data.

What is Cloud Security Architecture? Principles, Framework, and Architecture Assessment

Protect your organization in the cloud with a robust cloud security architecture. Learn more about cloud security architecture and its importance.

AI Data Security: Risks, Frameworks, and Best Practices

Learn about the top data security risks of AI, along with frameworks for understanding protection and best practices for choosing AI tools.

7 Surprising Roadblocks on the Path to DevSecOps Maturity

Understand how your organization's DevSecOps maturity compares to industry benchmarks. Learn about common challenges in risk reduction, security fatigue, and developer adoption. Get the insights.

Preventing Broken Access Control in Python Flask Applications

If you code your Python Flask applications for modern SaaS-like business applications, it is surely a vulnerability. Learn how to prevent broken access control in Python Flask Applications.

Simple Doesn't Always Mean Secure: Avoid this Golang XSS Pattern

Cross-site scripting (XSS) attacks are a web vulnerability that allows attackers to inject malicious scripts into web pages. Learn how to prevent and fix XSS scripting in Golang.

5 Key Learnings on How to Get Started in DevSecOps

During DevSecCon’s recent community call on How to Get Started in DevSecOps, security experts from the DevSecCon community shared actionable advice, practical steps, and insights for navigating this critical field. Here are the top five takeaways from this call.

How to Install Python on macOS

Learn how to install Python on macOS step by step. This easy guide covers downloading, installing, and setting up Python on your Mac for beginners and developers.

Security Risks with Python Package Naming Convention: Typosquatting and Beyond

Beware of typosquatting and misleading Python package names—one small mistake in pip install can expose your system to backdoors, trojans, and malicious code. Learn how attackers exploit package naming conventions and discover best practices to secure your open-source supply chain.

How to Secure Your GitHub Actions Workflows with Snyk to Enhance JavaScript Security

Snyk provides a pre-built custom Snyk GitHub Actions workflow that you can add to your CI and saves you the trouble of managing the vulnerability scans using the Snyk CLI directly.

Is TypeScript All We Need for Application Security?

What are the security controls and fallacies in TypeScript security? Securing TypeScript applications involves a multi-layered approach.

Can Machine Learning Find Path Traversal Vulnerabilities in Go? Snyk Code Can!

Explore how Snyk’s machine learning-powered security tools tackle path traversal vulnerabilities in Golang code. Learn how to secure your Go applications and challenge yourself to detect and exploit vulnerabilities like a pro!

Understanding Server-Side Template Injection in Golang

SSTI can open the door to escalating security risks such as file inclusion, Cross-Site Scripting (XSS), or even Code Injection Attacks.

Golang SQL Injection By Example

Learn how to prevent SQL injection in Golang applications by using prepared statements and parameterized queries and leveraging tools like Snyk for vulnerability detection.

The Importance of Code Quality

Code quality is crucial for building high-quality, secure applications. Learn more about code quality, secure development, and Snyk’s code checker.

Top 10 application security acronyms

Read all about AppSec acronyms you need to know to be able to freely discuss the results of a recent penetration test or static analysis of the code.