Resources

Enterprise security tools: types and key considerations

Security tooling is a financial investment and an investment of time and resources to deploy, maintain, and manage. Therefore, organizations must carefully evaluate and prioritize their security needs to choose the best tools for their unique needs.

Enterprise Cloud Security: Secure cloud deployments at scale

In the face of many threats, enterprises must take a comprehensive approach to cyber security to protect sensitive data and infrastructure in the cloud.

Product Security vs. Application Security: What’s the Difference?

Discover the differences between product and application security to build more secure products and applications.

Getting Started with Capture the Flag

If you're new to CTFs or looking to sharpen your skills, understanding how they work is key to success. This article breaks down the importance of CTFs in cybersecurity—how they help you develop critical security skills, understand real-world vulnerabilities, and improve your ability to defend systems effectively.

Types of CTF challenges

The evolution of CTFs has been a dynamic journey from simple text-based challenges to complex, multifaceted events that test a wide range of cybersecurity skills.

CTF platforms & practice

Capture the Flag (CTF) competitions are a popular way for cybersecurity enthusiasts, students, and professionals to test and expand their skills in a gamified environment. Over the years, several platforms have emerged that offer CTF challenges and practice environments. 

CTF strategies & techniques

Capture the Flag (CTF) has become increasingly popular in the field of cybersecurity as a training ground for aspiring ethical hackers and cybersecurity professionals. It involves a series of challenges where participants must use their technical skills and knowledge to solve problems, find hidden flags, and gain points. CTF challenges cover a wide range of topics, including web application security, binary analysis, cryptography, and more.

CTF tools

CTFs (Capture the Flag) are competitions where participants try to solve various cybersecurity challenges, such as exploiting vulnerabilities, reverse engineering, digital forensics, and cryptography, to retrieve a "flag." To assist in solving these challenges, there are numerous CTF tools available, and participants typically have a toolkit that caters to the various CTF categories.

Gaining transferable security skills with CTFs

How is AI being used in cybersecurity?

Learn how the emergence of AI is changing organizations' approaches to cybersecurity, leveraging different AI models to improve the efficiency of cybersecurity programs.

AI Attacks & Threats: What are they and how do they work?

Discover more about AI cyber-attacks: what they are, how they work, and how to protect your business against them.

How to Prepare for Tomorrow’s Zero-Day Vulnerabilities Today

Zero-day vulnerabilities are all too common in today’s applications. Learn how to identify and fix zero-day vulnerabilities proactively with a developer-first approach to security.

Securing the software supply chain with AI

Discover how AI is both a threat and a solution for securing software supply chains. Learn about emerging AI attack vectors, AI-powered defenses, AIBOMs, and how Snyk can help.

Cybersecurity audit types explained

Learn the different types of security audits, when you should use each of them, and where to integrate audits into existing security pipelines.

Everything you need to know about Container Runtime Security

In this article you will find everything you need to know about container runtime security, including how to keep your container images secure.

Securing a Java Spring Boot API from broken JSONObject serialization CVE-2023-5072

This article explains how a critical vulnerability (CVE-2023-5072) in JSONObject library can lead to denial-of-service attacks on Spring Boot Java applications and provides steps to mitigate the risk.

How to avoid SSRF vulnerability in Go applications

In this article, learn how SSRF vulnerabilities manifest in Go applications, and how developers can implement effective security measures to protect their applications and data.

2024 State of Open Source Security Report

Python Pickle Poisoning and Backdooring Pth Files

Discover the security risks of Python's pickle module and learn how malicious code can exploit PyTorch .pth files. Explore practical examples, safeguards like safetensors, and tips for secure machine learning workflows.

Taming AI Code: Securing Gen AI Development with Snyk

AI generated code is increasing the rate of development, but not without security challenges. Learn how to secure AI generated code.

How to respond to a newly discovered vulnerability

Learn how to effectively respond to newly discovered vulnerabilities with a structured approach using the Vulnerability Management Cycle. Discover the importance of tools like Snyk for centralizing, analyzing, and remediating vulnerabilities across your software development lifecycle.

How does Snyk DCAIF Work under the hood?

Read our technical deep-dive into how Snyk's DCAIF works. To start, with Snyk's Deep Code AI Fix, simply register for a Snyk account here, enable Snyk Agent Fix in your Snyk settings, and start reliably auto-fixing vulnerabilities in seconds.

DevSecOps is Dead…or is it?

Learn why DevSecOps has fallen short and discover a new framework to align security with development goals.

The anatomy of a successful DevSecOps program

Our on-demand webinar discussed the state of DevSecOps in 2024.