London, UK
Jan 30, 2023   |  By Matt Jarvis
Python is a popular and powerful programming language that is often used for building web applications, data analysis, and automation. One of the key challenges in such projects is ensuring the security of network communication, which can be vulnerable to various threats such as man-in-the-middle attacks and eavesdropping. Fortunately, Python offers a range of libraries for encrypting and securing network communication.
Jan 30, 2023   |  By Liran Tal
I recently finished writing my debugging book and a debugging course. And as a result, I frequently get asked about my favorite debugging features. Debugging is much more than the IDE debugger. In fact, only the first chapter in the book deals with that aspect. But when we think about debugging, our mind gravitates to the IDE. However, there are still many nooks and crannies to discover inside these amazing tools. The core reason for this is simple — we never learned to debug.
Jan 27, 2023   |  By Jakub Andrzejewski
Nuxt is an Intuitive Web Framework that allows you to build your next Vue.js application with confidence. It’s an open source framework under MIT license that makes web development simple and powerful. I highly recommend you check out the official website if you want to get started with it.
Jan 24, 2023   |  By Sarah Conway, Marco Morales
We’re excited to announce a new partnership to bring Snyk security insights to ServiceNow workflows. The integration between Snyk Open Source and ServiceNow Application Vulnerability Response, the first of its kind, gives application security teams visibility into vulnerabilities in open source dependencies to provide a complete view of an organization’s application security posture.
Jan 17, 2023   |  By Michael Biocchi
The holidays are over but the gifts keep coming! Introducing Snyk Learn learning paths! Our free developer-security education offering just got better! Snyk Learn provides free, high-quality education to developers created by security experts. We know it’s cold outside. We also know that we might be a little slow out the gate after the holidays. Emails? No more inbox 0. Slack messages? Too many to count.
Jan 11, 2023   |  By Dan Appelquist
What’s in an OSPO? Open Source Program Offices are popping up all over, in recognition of the facts on the ground: open source software (and I would argue open standards as well) plays an enormous role in building and maintaining the software that increasingly drives the planet.
Jan 10, 2023   |  By Jason Lane, Frank Fischer
Coming off a rough and wild end to 2021 with Log4Shell in all our minds, Snyk jumped out of the gates quickly and began providing the AppSec world with new capabilities that did not disappoint. In this blog, you can review most of the key investments we made in 2022 to improve performance, add new ecosystems, and support the enterprise.
Jan 9, 2023   |  By Daniel Berman
2022 was another record-breaking year for the Snyk platform. Helping an ever-growing number of customers find and fix issues across all the components making up their applications, the Snyk platform enabled over 2,500 customers during 2022 to import over 6.7 million projects, execute over 3 billion tests, and fix over 5 million issues!
Jan 6, 2023   |  By Sonya Moisset, Vandana Verma
On January 4, CircleCI, an automated CI/CD pipeline setup tool, reported a security incident in their product by sharing an advisory.
Jan 4, 2023   |  By David Lugo
As we enter 2023, both security and digital transformation efforts (e.g. cloud migration) continue to be important priorities for organizations. This combination brings huge challenges for IT teams, who are not only required to facilitate major digital changes and increase developer productivity but also ensure that this transformation is secure by default. When using AWS in particular, it’s challenging to understand how to strike this balance between accelerated cloud growth and security.
Feb 1, 2023   |  By Snyk
Snyk integrates with your IDEs, repos, workflows, and automation pipelines to add security expertise to your toolkit. The “menu” of options available to you is extensive, so we created this three-part series to get you started and running. The first session covers basic workflows in the IDE and CLI. You’ll learn to proactively plan how to leverage Snyk in different places and different ways. We will cover basic workflows and how to use them, as well as quick tips.
Feb 1, 2023   |  By Snyk
Building JavaScript applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome - you're a cloud native application developer! As developers, our responsibility has broadened, and more software means more software security concerns for us to address.
Jan 27, 2023   |  By Snyk
A Day In the Life of a Cloud Security Leader - Lalit Kumar
Jan 19, 2023   |  By Snyk
Using Snyk Security for Bitbucket Cloud? In this recording, our teams run through the app to help you get started and stay secure!
Jan 18, 2023   |  By Snyk
In this short video, we cover the new features in the Snyk Atlassian Bitbucket Cloud app.
Jan 12, 2023   |  By Snyk
As a new Snyk customer, do you want to get started with Snyk while following best practices? Or are you interested in learning about account set up strategies, SSO and user provisioning, notification and automation settings, and more...
Jan 11, 2023   |  By Snyk
Untangling the secrets of your JavaScript dependencies. During this livestream, we are joined by API lead and Node.js expert Thomas Gentilhomme. We dive into topics ranging from Thomas' background and experience to untangling the secrets of your dependencies, and even test an example of NPM packages. Didn't catch the live stream? Ask all of your Snyk questions and we’ll do our very best to answer them in the comment section.
Jan 11, 2023   |  By Snyk
Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.
Jan 9, 2023   |  By Snyk
What is a bug bash? What is the value? How can you run one within your company? We share how to plan a Bug Bash, as well as best practices from customers who've been running these. We will also provide a checklist and other resources.
Mar 8, 2021   |  By Snyk
This book will help both development and application security architects and practitioners address the risk of vulnerable open source libraries and discuss why such vulnerable dependencies are the most likely to be exploited by attackers.
Mar 8, 2021   |  By Snyk
Forrester conducted a customer study to get insights into why organizations choose Snyk to help them tackle and implement developer-first security. Read the report to dive into the benefits, cost and value ROI for Snyk.
Feb 1, 2021   |  By Snyk
This book reviews how the serverless paradigm affects the security of an application, and dives into the benefits it brings.
Feb 1, 2021   |  By Snyk
Snyk's annual State of Open Source Security Report 2020 is here. Download it now to learn how Open Source security is evolving.
Jan 1, 2021   |  By Snyk
"Shift left" has become the holy grail for security teams today but organizations are still struggling to successfully implement some of the key processes that shifting security left entails. A new study sponsored by Snyk and conducted by Enterprise Strategy Group (ESG) has found that while developers are indeed being given more responsibility for testing their applications for security issues, they simply don't have the knowledge or right set of tools to do so.
Jan 1, 2021   |  By Snyk
81% of security and development professionals believe developers are responsible for open source security - but many organizations are still unsure how to start building a culture and practice of DevSecOps. Puppet & Snyk's study is digging deeper into the trends of DevSecOps adoption.
Dec 1, 2020   |  By Snyk
The 2020 Gartner Market Guide for SCA is here! A recent Gartner survey finds that over 90% of organizations leverage OSS in application development - and as a result, security of open source packages was the highest ranked concern for respondents. These concerns have led to a growing market, addressed by various vendors for SCA tools that mitigate the risk of OSS. New trends emerge with DevOps on the rise - as the market shifts towards developer-friendly SCA tools.

Snyk is an open source security platform designed to help software-driven businesses enhance developer security. Snyk's dependency scanner makes it the only solution that seamlessly and proactively finds, prioritizes and fixes vulnerabilities and license violations in open source dependencies and container images.

Security Across the Cloud Native Application Stack:

  • Open Source Security: Automatically find, prioritize and fix vulnerabilities in your open source dependencies throughout your development process.
  • Code Security: Find and fix vulnerabilities in your application code in real-time during the development process.
  • Container Security: Find and automatically fix vulnerabilities in your containers at every point in the container lifecycle.
  • Infrastructure as Code Security: Find and fix Kubernetes and Terraform infrastructure as code issues while in development.

Develop Fast. Stay Secure.