Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

JavaScript

Reducing the Noise: Why Vulnerability Types Matter

Most application security testing focuses on server-side vulnerabilities. While vulnerability management alerts are necessary within today’s threat landscape for increased security, your teams can quickly become overwhelmed by them. These alerts can create a lot of noise for your development teams, other IT staff, and even your business operations.

Code Intelligence Integrates with Jest to Enable Developers to Test JavaScript for Vulnerabilities

Developers who run unit tests in Jest can now test their JavaScript applications for bugs and security vulnerabilities, including remote code execution, cross-site scripting, and injections.

Stranger Danger: Your Java Attack Surface Just Got Bigger

Building Java applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome, you're a cloud native application developer! As developers, our responsibility broadened, and more software means more software security concerns for us to address.

State of JavaScript Security - Nordic Financial Institutions

Bytesafe research found that 78% of public web sites for members of the Swedish Bankers' Association used open source packages with known vulnerabilities. The report indicates that many of the financial institutions have challenges keeping components up to date to avoid vulnerabilities. Download the full report to find out the state of Javascript security for the Nordic Financial Institutions in 2021.

How to Fuzz JavaScript with Jest and Jazzer.js

In this post, we will show how you can write fuzz tests for your JavaScript projects in Jest as easily as regular unit tests. To make this possible, we have added integration for Jazzer.js into Jest, which enables you to write fuzz tests using the familiar Jest API. Additionally, you get great IDE support with features such as debugging and test coverage reporting out-of-the-box. This integration enables a smooth user experience with the advanced fuzzing technology provided by Jazzer.js.

Stranger Danger: Your JavaScript Attack Surface Just Got Bigger

Building JavaScript applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome - you're a cloud native application developer! As developers, our responsibility has broadened, and more software means more software security concerns for us to address.

Stranger Danger: Your JavaScript Attack Surface Just Got Bigger

Building JavaScript applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome - you're a cloud native application developer! As developers, our responsibility has broadened, and more software means more software security concerns for us to address.

Data Asset Classification: Why it's Important for Client-Side Protection

Web technologies are continuously evolving; both through growth and modernization. Modern web applications are becoming a must in enabling businesses to be able to sell online, acquire customers, and deliver the digital experiences today’s users want. Companies from various industries are increasingly relying on transacting sensitive Personal Identifiable Information (PII) digitally.

Magecart Attack: Hacker steals credit card info from Canada's largest alcohol retailer

The LCBO, a major Canadian retailer, recently experienced a cybersecurity breach that compromised the personal information of thousands of customers. The incident, which was discovered on January 10th, affected the client-side of the company’s website through which LCBO conducts online sales. It resulted in the unauthorized access of sensitive information such as names, addresses, email addresses, LCBO.com account passwords, Aeroplan numbers, and credit card information.

Unraveling the Secrets of Your JavaScript Dependencies

Untangling the secrets of your JavaScript Dependencies During this livestream we are joined by API lead and Node j.s expert Thomas Gentilhomme. We dive into topics ranging from, Thomas' background and experience to untangling the secrets of your dependencies, and even test an example of NPM packages. Didn't catch the live stream? Ask all of your Snyk questions and we’ll do our very best to answer them in the comment section.