Snyk achieves AWS Security Competency status
We are very excited to announce that Snyk has achieved AWS Security Competency status, further validating our commitment to security excellence in partnering with AWS!
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Java Security Tip: Sanitize user input
Java Security Quick Tip: Always santize user input before you display it in your web app. Displaying user input wideout proper validation or sanitization can lead to cross-site scripting security issues. With the OWASP Encoder library, you can escape scripts and be positive that they will not be executed in the users' browser. In this video I will answer the following questions Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for Java and many other languages.
Building Secure Apps in VS Code
In this installment of SnykLIVE we're joined by Georgi Mitev and Michel Kaporin from the Product and Engineering teams at Snyk. They will show us how we can build apps more securely when using Visual Studio Code. Links shared during the session.
Securing your open source dependencies with the Snyk Visual Studio Code extension
We’re pleased to announce new functionality within the Snyk Vulnerability Scanner extension for Visual Studio Code, making it easier for developers to find and fix vulnerabilities and license issues in their open source dependencies! To help developers take more responsibility for the security of their applications, security tools must be able to integrate seamlessly into existing workflows and the tools developers are using on a day-to-day basis.
Developing custom IaC rules with Snyk
In an increasingly cloud native world, infrastructure as code (IaC) is often the first point of entry into an application. And with technologies such as Kubernetes and Terraform becoming increasingly popular, most app developers will update at least one Kubernetes or Terraform resource at one point in their career.
Announcing automated fixes for vulnerabilities in .NET dependencies
We’re pleased to announce improved support for.NET applications in Snyk Open Source, allowing developers to fix vulnerabilities in.NET dependencies with the help of actionable advice and automated pull requests! As of the time of writing, NuGet, the Microsoft-supported and de-facto standard package manager for.NET, has 276,266 unique packages, downloaded on average more than a billion times a week!
Panel on Shift-Left with CISO's - Part 3
Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.
How to prevent Trojan Source attacks with Snyk Code
Earlier this month, a group of researchers at the University of Cambridge published an academic paper, with an accompanying website, on a new type of potential vulnerability that could appear in source code. They called it Trojan Source.
Proactively fixing vulnerabilities to maintain Java security and project hygiene with Snyk
As a developer, I spend a lot of time in my GitHub account. I write apps, little utilities, and proof of concepts for when I am learning something new. I like to think that, because I spend a lot of time on GitHub, the overall health of my account is pretty high.
AppSec during hypergrowth: Empower your developers to overcome the tech talent shortage
Many high-growth technology startups are pressured to deliver applications to market ahead of fast-moving competitors. It’s all too easy to allow a “we’ll get to that eventually” mentality to creep in when competing priorities appear to force a tradeoff with development velocity. This introduces unnecessary risks, but they can be mitigated by implementing an effective AppSec program that involves the right tools, processes, and mindset.