Browse our collection of articles on various topics related to IT technologies. Dive in and explore something new!
In this blog, we'll discuss strategies to protect your C# code from SQL injection.
Explore Snyk Deep Code AI Fix (DCAIF), a game-changer for developers. Unlike generative AI assistants that may introduce security vulnerabilities, DCAIF leverages a hybrid AI model to automatically fix common security issues like XSS right in your IDE.
Boost your Node.js skills with these backend code snippets for 2024. Copy and paste them into your own projects to save time when building backends.
In this article, you'll learn more about broken access control in Node.js applications and strategies to prevent such vulnerabilities when building web applications based on the Express web framework.
In this blog, we'll show how you can use Snyk to locate hardcoded secrets and credentials and then refactor our code to use Doppler to store those secrets instead.
Tired of endless security alerts? Snyk Delta Findings in the IDE helps developers cut through the noise and focus on *new* vulnerabilities introduced in their code. Reduce vulnerability fatigue and ship secure software faster. Get started for free!
Dive into Server-Side Request Forgery (SSRF) vulnerabilities in Go applications and explore mitigation techniques. Learn how to secure your Go code and leverage tools like Snyk Code for proactive security.
In this guide, we’ll discuss symmetric and asymmetric encryption, implement them in Python, and explore their best practices.
Let's discuss how Snyk can help mitigate three common security issues in genAI code.
Managing secrets has always been a challenge for startups, especially as they scale quickly and...
This post outlines what we believe to be novel attacks against HTTP application middleware based on the simple foundation of HTTP response header injection.
Fortify your Node.js applications against log injection attacks! This guide dives deep into the dangers and solutions to protect your logs from malicious manipulation. Stop attackers and build secure Node.js applications today.
Discover how to secure your C and C++ code with Snyk. Learn about common vulnerabilities like memory leaks and buffer overflows in C and C++ and how Snyk’s static code analysis tool can help you identify and fix them. Protect your critical software from security threats.
Anthropic’s Claude 3.7 Sonnet shows improvements in secure code generation, but vulnerabilities like regex-based denial-of-service still emerge. See how it compares to other AI models and why Snyk’s security tools remain essential for developers.
In this blog post, we aim to provide an overview of common security vulnerabilities and vulnerable patterns that can occur when writing C/C++ add-ons in Node.js.
Let's discuss the importance of PHP security and the business impact of some notable PHP interpreter vulnerabilities that are crucial for developers to get right.
In this post, we'll discuss what REST APIs are and how to secure them.
In this post, we'll cover four simple methods for finding security vulnerabilities in your Java and Kotlin code.
How to detect and prevent JWT security risks? Follow Snyk’s JWT security best practices for enhanced security.
In today’s fast-paced digital landscape, where applications power everything from banking to...
Using ChatGPT for coding has benefits but can also introduce security vulnerabilities. Learn more about ChatGPT and secure coding and how to offset risk here.
Snyk Code's enhanced dataflow analysis simplifies vulnerability identification and remediation. Learn how this powerful tool streamlines the security process and saves developers valuable time.
Discover the details of the Ultralytics AI supply chain attack, a sophisticated two-phase breach targeting PyPI releases and GitHub Actions with cryptocurrency mining malware. Learn how to detect exposure, secure your projects, and protect against future vulnerabilities using tools like Snyk.
Look into the security challenges facing the booming Software-Defined Vehicle (SDV) market. While SDV promises exciting features and revenue streams, its reliance on C and C++ code, notorious for vulnerabilities, raises concerns.
Weak encryption algorithms are cryptographic algorithms that provide inadequate security against attacks. Find out how Snyk Code can help you find weak cryptographic algorithms and test for weak cryptography.
On October 31st, 2024, another package compromise and cryptocurrency hijack story unfolded for a popular npm package. Scan open source dependencies and container images in the CLI or your SCM with Snyk to determine if you're using one of the vulnerable versions of lottie-player, and potentially uncover any other security vulnerabilities you may have in your projects.
Recently, researchers have found another Software Supply Chain issue in BoltDB, a popular database tool in the Go programming environment. The BoltDB Go Module was found backdoored and contained hidden malicious code.