Ressources

Understanding Server-Side Template Injection in Golang

SSTI can open the door to escalating security risks such as file inclusion, Cross-Site Scripting (XSS), or even Code Injection Attacks.

Golang SQL Injection By Example

Learn how to prevent SQL injection in Golang applications by using prepared statements and parameterized queries and leveraging tools like Snyk for vulnerability detection.

Scaling Application Security for GenAI with Snyk and Deloitte

The Importance of Code Quality

Code quality is crucial for building high-quality, secure applications. Learn more about code quality, secure development, and Snyk’s code checker.

Top 10 application security acronyms

Read all about AppSec acronyms you need to know to be able to freely discuss the results of a recent penetration test or static analysis of the code.

A deep dive into cyber threat intelligence

As companies continue to adopt cloud native technologies, nearly 60% have increased concerns about their security posture.

Docker Security - Challenges & Best Practice

Docker security is the practice of protecting containers, applications, host systems, and anything else related to Docker. Learn more with our full guide.

AWS security: Complete guide to Amazon cloud security

What is AWS security? How secure is AWS? Explore Snyk’s top tips to help you secure your AWS deployments, and maintain visibility of your AWS resources in development and production.

Top 10 Node.js Security Best Practices

Read about five major Node.js security risks and the top ten best practices you can implement to address them and stay secure while building applications.

Java Security Explained

Learn about the basics of cybersecurity in the Java Security ecosystem, including cryptography, application authentication, and more.

Threat Intelligence Lifecycle | Phases & Best Practices Explained

Learn about the different phases of the threat intelligence lifecycle, as well as best practices for each phase.

What is technical due diligence (TDD)?

Technical due diligence is an in-depth analysis of the state of a company from a technical perspective, including its products, infrastructure, and more.

Qu’est-ce que la sécurité des conteneurs ?

Guide de la sécurité des conteneurs en 2023. Découvrez la sécurité des conteneurs dans les écosystèmes, les conseils de meilleures pratiques et comment sécuriser votre conteneur de la création à l’exécution.

Three Steps to Container Image Security

Follow our practical guide to container security, developed in partnership with Docker. 3 Essential steps to run your containers securely.

Web Application Security Explained: Risks & Nine Best Practices

It’s vital for Developers to have knowledge of web application security so they can secure web apps as they’re developed, reducing the burden on security teams.

What is container orchestration?

Orchestration refers to automating container deployment, operations, and lifecycle management. This approach automates how we provision, deploy, scale, monitor, replace, and manage storage for our running containers.

Kubernetes Monitoring Guide

Learn everything you need to know about Kubernetes monitoring: tools, best practices, critical metrics you should track, and more.

Black box testing basics

Black box testing is a software testing method that does not require knowledge about how an application is built, in order to simulate an attacker.

Code security auditing 101

A code security audit is a process of analyzing source code with the goal of finding security vulnerabilities, licensing, and other programming issues. §

Mobile application security explained

As the use of mobile apps continues to grow, so does the need for secure mobile application development. Read on for top risks, tools, and tips for mobile app security.

The Importance of Policy as Code in Your Compliance Strategy 

Learn why compliance as code should become a key part of your overall security strategy, enabling security at scale based on automated Policy as Code rules.

Understanding gray box testing techniques

Learn about what gray box testing is, how to perform gray box testing, the benefits of gray box testing as well as its drawbacks.

White box testing basics: Identifying security risks early in the SDLC

This article will help you to understand what white box testing is, the pros and cons, and techniques for white box testing.

Application Security Controls Explained

In the security hierarchy, application security controls lie below standards and policies. Policies set the boundaries expected for application security and protection, while standards create rules for enforcing those boundaries.