Subscribe to our newsletter for all the latest news and resources.

Security in context: When is a CVE not a CVE?

Learn about the general points of principle that we use to help guide our security thinking and decision making here at Snyk.

December 16, 2021

Log4Shell in a nutshell (for non-developers & non-Java developers)

In this post, we'll give an explanation of Log4Shell for non-developers and an overview of the Log4Shell vulnerability for non-Java developers.

December 15, 2021

Build securely with Snyk and GKE Autopilot

The Snyk platform works seamlessly with GKE Autopilot: a revolution in managed Kubernetes. Customers can quickly get started securing workloads on GKE Autopilot with Snyk Container's Kubernetes integration and can leverage Snyk CLI with Google Cloud Build as well as integrations with Google Container Registry, Google Artifact Registry, and one of the several Snyk Git repository SCM integrations.

December 14, 2021

Learn about the Snyk API

Read about some of the different ways the Snyk API is leveraged by our customers. Snyk's extensibility and API enable developers to tune Snyk's security automation to their specific workflows, ensuring both developer experience and consistent platform governance.

Find and fix vulnerabilities in your CI/CD pipeline with Snyk and Harness

With modern tooling like Snyk and Harness, you can find, fix, and remediate through a CI/CD pipeline and mitigate the risk to the business without affecting your ability to release software quickly.

December 10, 2021

Responsible disclosure: CodeCov CEO & CTO share learnings from the breach

Learn how CodeCov handled the responsible disclosure of their breach to their userbase in 2021.

December 9, 2021

Snyk Open Source adds beta C/C++ security scanning for unmanaged OSS

We’re happy to announce the open beta of C/C++ security support in Snyk Open Source, enabling development and security teams to find and fix known security vulnerabilities in their C/C++ open source code and libraries! 

December 8, 2021

Java JSON deserialization problems with the Jackson ObjectMapper

Learn how Jackson ObjectMapper deserialization vulnerabilities work and how to make sure you are not affected by them.

December 1, 2021

Snyk achieves AWS Security Competency status

We are very excited to announce that Snyk has achieved AWS Security Competency status, further validating our commitment to security excellence in partnering with AWS!  Tested and Trusted by AWS AWS Competency Programs, such as the AWS Security Competency, validate that partners like Snyk have demonstrated technical proficiency and proven customer success in areas like

November 30, 2021

Securing your open source dependencies with the Snyk Visual Studio Code extension

We’re pleased to announce new functionality within the Snyk Visual Studio Code extension, making it easier for developers to find and fix vulnerabilities and license issues in their open source dependencies! 

November 23, 2021

Snyk Career Stories: Starting and growing your career through the Snyk SDR program

At Snyk, we are deeply invested in career progression and offer our teams tools, skills, and development opportunities necessary to enable our Snykers to become future leaders. One of the places we’ve seen our values in action is through our Snyk SDR program.

November 22, 2021

Developing custom IaC rules with Snyk

In an increasingly cloud native world, infrastructure as code (IaC) is often the first point of entry into an application. And with technologies such as Kubernetes and Terraform becoming increasingly popular, most app developers will update at least one Kubernetes or Terraform resource at one point in their career.  But while updating and maintaining infrastructure

November 18, 2021