Articles

How to Prepare for Tomorrow’s Zero-Day Vulnerabilities Today

Zero-day vulnerabilities are all too common in today’s applications. Learn how to identify and fix zero-day vulnerabilities proactively with a developer-first approach to security.

AI Glossary

Snyk’s glossary for learning about AI, including its science, common AI use cases, and how it relates to cybersecurity.

Golang SQL Injection By Example

Learn how to prevent SQL injection in Golang applications by using prepared statements and parameterized queries and leveraging tools like Snyk for vulnerability detection.

How to Write Secure Go Code

Learn how to write secure code in Go and protect your applications from vulnerabilities like SQL injection and SSRF. Discover best practices for Go development and how Snyk Code can help you identify and fix security issues effortlessly.

Understanding Server-Side Template Injection in Golang

SSTI can open the door to escalating security risks such as file inclusion, Cross-Site Scripting (XSS), or even Code Injection Attacks.

Is TypeScript All We Need for Application Security?

What are the security controls and fallacies in TypeScript security? Securing TypeScript applications involves a multi-layered approach.

How to Secure Your GitHub Actions Workflows with Snyk to Enhance JavaScript Security

Snyk provides a pre-built custom Snyk GitHub Actions workflow that you can add to your CI and saves you the trouble of managing the vulnerability scans using the Snyk CLI directly.

Security Risks with Python Package Naming Convention: Typosquatting and Beyond

Beware of typosquatting and misleading Python package names—one small mistake in pip install can expose your system to backdoors, trojans, and malicious code. Learn how attackers exploit package naming conventions and discover best practices to secure your open-source supply chain.

How to Install Python on macOS

Learn how to install Python on macOS step by step. This easy guide covers downloading, installing, and setting up Python on your Mac for beginners and developers.

Simple Doesn't Always Mean Secure: Avoid this Golang XSS Pattern

Cross-site scripting (XSS) attacks are a web vulnerability that allows attackers to inject malicious scripts into web pages. Learn how to prevent and fix XSS scripting in Golang.

Preventing Broken Access Control in Python Flask Applications

If you code your Python Flask applications for modern SaaS-like business applications, it is surely a vulnerability. Learn how to prevent broken access control in Python Flask Applications.

7 Surprising Roadblocks on the Path to DevSecOps Maturity

Understand how your organization's DevSecOps maturity compares to industry benchmarks. Learn about common challenges in risk reduction, security fatigue, and developer adoption. Get the insights.

AI Data Security: Risks, Frameworks, and Best Practices

Learn about the top data security risks of AI, along with frameworks for understanding protection and best practices for choosing AI tools.

What is Cloud Security Architecture? Principles, Framework, and Architecture Assessment

Protect your organization in the cloud with a robust cloud security architecture. Learn more about cloud security architecture and its importance.

The Risks and Impact of Data Leakage: Data Leakage Causes and Prevention

Knowing the risks and impact of data leakage can help protect your organization. Learn more about data leakage, its causes, and how to prevent it here.

14 MCP Servers for UI/UX Engineers

As LLMs' capabilities continue to expand through Anthropic’s Model Context Protocol (MCP), UI/UX engineers have access to a growing ecosystem of specialized tools that can significantly enhance their workflows. This article explores 14 open-source MCP servers for UI/UX professionals.

Navigating the Challenges of GenAI Adoption for Modern AppSec Teams

With an increase in GenAI adoption, AppSec teams face challenges. Learn what challenges AppSec teams are facing and how they can address risks with Snyk.

Achieving Security Coverage and Control Over Application Risk

Stop reacting to vulnerabilities. Build proactive application security with universal asset visibility, smart policies, and risk-based prioritization. Secure your SDLC.

What is a Data Poisoning Attack?

It’s important to protect AI models from data poisoning, an attack that injects corrupt data. Learn key strategies to detect, prevent, and mitigate risks.

ChatGPT and Secure Coding: Benefits and Security Vulnerabilities of ChatGPT-Generated Code

Using ChatGPT for coding has benefits but can also introduce security vulnerabilities. Learn more about ChatGPT and secure coding and how to offset risk here.