Skip to main content

Resources

Buyers guide

Future-proof your development: The SAST/SCA buyer’s guide for the AI era

Read now

White paper

DevSecOps is Dead…or is it?

Read now

White paper

Discover the path to trusted software

Read now
Type
Topic

Showing 49 - 60 of 266 resources

Article

Vulnerabilities in Deep Learning File Formats

While pickle is a common way to store neural network weights, it can be vulnerable to attacks if downloaded from untrusted sources. Safer alternatives like SafeTensors only store raw data and prevent malicious code execution.

Article

Hijacking OAUTH flows via Cookie Tossing

Learn about Cookie Tossing attacks, a rarely explored technique to hijack OAuth flows and enable account takeovers at Identity Providers (IdPs). Discover its implications, real-world examples, and how to safeguard applications using the Host cookie prefix.

eBook

Taming AI Code: Securing Gen AI Development with Snyk

AI generated code is increasing the rate of development, but not without security challenges. Learn how to secure AI generated code.

Article

How to respond to a newly discovered vulnerability

Learn how to effectively respond to newly discovered vulnerabilities with a structured approach using the Vulnerability Management Cycle. Discover the importance of tools like Snyk for centralizing, analyzing, and remediating vulnerabilities across your software development lifecycle.

Article

How does Snyk DCAIF Work under the hood?

Read our technical deep-dive into how Snyk's DCAIF works. To start, with Snyk's Deep Code AI Fix, simply register for a Snyk account here, enable DeepCode AI Fix in your Snyk settings, and start reliably auto-fixing vulnerabilities in seconds.

White Paper

DevSecOps is Dead…or is it?

Learn why DevSecOps has fallen short and discover a new framework to align security with development goals.

Video

The anatomy of a successful DevSecOps program

Our on-demand webinar discussed the state of DevSecOps in 2024.

Article

Improving your Java application with Records

Java Records revolutionizes the way you create data-centric classes in Java, offering a concise and secure approach. Embrace Java Records and unlock efficient and maintainable Java development.

Video

Securing AI-Generated Code in Banking

Article

Getting started with Practical Rego

Read this guide introducing Rego, a declarative policy language, for programmers familiar with imperative languages like Python or Java. It covers key concepts, common pitfalls, and best practices for writing effective Rego policies.

Article

JavaScript Static Analysis with ESLint and Biome

Biome, a new tool in the JavaScript ecosystem, combines code formatting and quality linting. It offers speed and performance advantages over traditional tools like ESLint and Prettier, making it a compelling alternative. With its integration into development environments like VS Code and potential adoption by major projects, Biome is poised to reshape the way JavaScript developers approach code quality and formatting.

Article

Oops I built a feature and created an Open Redirect Vulnerability in a Deno app

Build your first Deno web application with a step-by-step guide. Learn how to implement a redirect feature while avoiding common security pitfalls like open redirect vulnerabilities. Secure your Deno app with best practices and discover how to set up a Deno development environment in GitHub Codespaces.