Stay informed on security insights and best practices from Snyk’s leading experts.
表示中 121 - 140 / 299 記事
Python Pickle Poisoning and Backdooring Pth Files
Discover the security risks of Python's pickle module and learn how malicious code can exploit PyTorch .pth files. Explore practical examples, safeguards like safetensors, and tips for secure machine learning workflows.
How to avoid SSRF vulnerability in Go applications
In this article, learn how SSRF vulnerabilities manifest in Go applications, and how developers can implement effective security measures to protect their applications and data.
Securing a Java Spring Boot API from broken JSONObject serialization CVE-2023-5072
This article explains how a critical vulnerability (CVE-2023-5072) in JSONObject library can lead to denial-of-service attacks on Spring Boot Java applications and provides steps to mitigate the risk.
Docker Security - Challenges & Best Practice
Docker security is the practice of protecting containers, applications, host systems, and anything else related to Docker. Learn more with our full guide.
AWS security: Complete guide to Amazon cloud security
What is AWS security? How secure is AWS? Explore Snyk’s top tips to help you secure your AWS deployments, and maintain visibility of your AWS resources in development and production.
Top 10 Node.js Security Best Practices
Read about five major Node.js security risks and the top ten best practices you can implement to address them and stay secure while building applications.
Java Security Explained
Learn about the basics of cybersecurity in the Java Security ecosystem, including cryptography, application authentication, and more.
Threat Intelligence Lifecycle | Phases & Best Practices Explained
Learn about the different phases of the threat intelligence lifecycle, as well as best practices for each phase.
What is technical due diligence (TDD)?
Technical due diligence is an in-depth analysis of the state of a company from a technical perspective, including its products, infrastructure, and more.
Everything You Need to Know to Get Started With Container Security
Follow our practical guide to container security, developed in partnership with Docker. 3 Essential steps to run your containers securely.
Web Application Security Explained: Risks & Nine Best Practices
It’s vital for Developers to have knowledge of web application security so they can secure web apps as they’re developed, reducing the burden on security teams.
What is container orchestration?
Orchestration refers to automating container deployment, operations, and lifecycle management. This approach automates how we provision, deploy, scale, monitor, replace, and manage storage for our running containers.
Kubernetes Monitoring Guide
Learn everything you need to know about Kubernetes monitoring: tools, best practices, critical metrics you should track, and more.
Everything you need to know about Container Runtime Security
In this article you will find everything you need to know about container runtime security, including how to keep your container images secure.
Black box testing basics
Black box testing is a software testing method that does not require knowledge about how an application is built, in order to simulate an attacker.
Code security auditing 101
A code security audit is a process of analyzing source code with the goal of finding security vulnerabilities, licensing, and other programming issues. §
Mobile application security explained
As the use of mobile apps continues to grow, so does the need for secure mobile application development. Read on for top risks, tools, and tips for mobile app security.
The Importance of Policy as Code in Your Compliance Strategy
Learn why compliance as code should become a key part of your overall security strategy, enabling security at scale based on automated Policy as Code rules.
Understanding gray box testing techniques
Learn about what gray box testing is, how to perform gray box testing, the benefits of gray box testing as well as its drawbacks.
