Ressources

Guide de sécurité cloud-native pour créer des applications sûres

La sécurité cloud-native est une stratégie qui consiste à sécuriser les applications, infrastructures et plateformes cloud tout au long du processus de développement.

Guide complet de la sécurité des applications

La sécurité des applications est l’ensemble des mesures prises pendant le cycle de vie du développement d’une application pour réduire les vulnérabilités, améliorer la sécurité et protéger les données sensibles.

Application Security Testing (AST) - Top Questions Answered

Application security testing is a key step in the SSDLC. Learn more about types of application security testing, app sec testing tools, and get started with building secure apps.

Infrastructure as Code in a DevSecOps World

Learn more about infrastructure as code (IaC), what it is exactly, and the security implications of using IaC in the real world.

SAST vs. DAST: what is the difference and how to combine the two?

Dynamic security testing (DAST) uses the opposite approach of SAST. Whereas SAST tools rely on white-box testing, DAST uses a black-box approach.

What is CI/CD? CI/CD pipeline and tools explained

Learn more about CI/CD continuous integration and continuous delivery, CI/CD pipeline, and framework. CI/CD as the foundation for DevSecOps.

Node.js licensing and security considerations

With the Node.js runtime environment becoming more popular, it's important to know about Node.js licensing and security risks for your web applications.

Copyleft: The rise of open-source software licensing

Learn more about most popular copyleft licenses, terms, conditions, difference of copyleft vs copyright. Find out what’s best for your team.

Qu’est-ce qu’une licence AGPL ? Réponses aux principales questions

Apprenez-en plus sur la licence AGPL : avantages, conditions générales, utilisation commerciale, etc. Déterminez si la licence AGPL 3, LGPL 3 ou GPL 3 standard convient à votre projet.

GNU General Public License: GPLv3 explained

Learn everything you need to know about GPL License: new clauses, the difference between GPLv2 and GPLv3, terms and conditions and more.

Sécurité Kubernetes : erreurs courantes et meilleures pratiques

Est-ce que Kubernetes est un environnement sûr ? On vous en dit plus sur les écueils liés à la sécurité Kubernetes dans un contexte de sécurité cloud-native et sur les meilleures pratiques pour sécuriser vos déploiements K8.

Qu’est-ce qu’une licence MIT ?

Apprenez-en davantage sur la licence MIT (l’un des accords de licence open source les plus simples) et intégrez la conformité des licences dans vos workflows existants.

Licences open source : types et comparaison

Apprenez-en davantage sur les différents types de licences de logiciels open source et sur la manière dont toutes visent à protéger à la fois les auteurs et les utilisateurs du logiciel.

Malicious Code Explained

What is malicious code? Learn more about malicious code and how it impacts application users and developers.

Cycle de développement logiciel sécurisé (SDLC sécurisé)

Learn more about Secure Software Development Lifecycle (SSDLC), and how to integrate security at every stage of the SDLC to enhance software integrity and protect against vulnerabilities.

Sécurité JavaScript

Apprenez-en plus sur la sécurité de JavaScript. Découvrez quelle est la meilleure défense contre les vulnérabilités courantes de la sécurité JavaScript.

API Security Testing: How to test your API security

API or application programming interface helps applications communicate with each other. Learn how to keep your API's secure with API security testing.

How to Detect and Prevent Configuration Drift

Learn about methods of detection and prevention that are effective in managing configuration drift.

How to find security vulnerabilities in source code

Learn tactical guidance for discovering and remediating source code vulnerabilities and the benefits of a SAST tool like Snyk Code.

Working With AWS Security Tools - Snyk

Learn how AWS’s built-in account security tools and Snyk’s application and service security tools work together to secure your entire AWS ecosystem.

5 DevOps pipeline best practices

Learn more about DevOps pipeline best practices including continuous integration, continuous delivery (CI/CD), automation, and observability.

What is Data Security Posture Management (DSPM)?

Data security posture management (DSPM) is the practice of using automation and management tools to secure data at cloud scale. Learn why your company needs it.

Application Risk Management

Application risk management is critical but increasingly complex. This guide outlines the steps of application risk management and valuable tools for developers.

Best Practices for Cybersecurity Audits

Is your business ready for its next cybersecurity audit? Discover the benefits and challenges of the auditing process, plus tips to help you prepare.