Find and fix the Log4Shell exploit fast with Snyk
See how easy (and fast) it is to find and automatically fix Log4Shell with Snyk.
Editor's Picks
Subscribe to our newsletter for all the latest news and resources.
Security in context: When is a CVE not a CVE?
Learn about the general points of principle that we use to help guide our security thinking and decision making here at Snyk.
Log4Shell in a nutshell (for non-developers & non-Java developers)
In this post, we'll give an explanation of Log4Shell for non-developers and an overview of the Log4Shell vulnerability for non-Java developers.
Build securely with Snyk and GKE Autopilot
The Snyk platform works seamlessly with GKE Autopilot: a revolution in managed Kubernetes. Customers can quickly get started securing workloads on GKE Autopilot with Snyk Container's Kubernetes integration and can leverage Snyk CLI with Google Cloud Build as well as integrations with Google Container Registry, Google Artifact Registry, and one of the several Snyk Git repository SCM integrations.
Learn about the Snyk API
Read about some of the different ways the Snyk API is leveraged by our customers. Snyk's extensibility and API enable developers to tune Snyk's security automation to their specific workflows, ensuring both developer experience and consistent platform governance.
Find and fix vulnerabilities in your CI/CD pipeline with Snyk and Harness
With modern tooling like Snyk and Harness, you can find, fix, and remediate through a CI/CD pipeline and mitigate the risk to the business without affecting your ability to release software quickly.
Responsible disclosure: CodeCov CEO & CTO share learnings from the breach
Learn how CodeCov handled the responsible disclosure of their breach to their userbase in 2021.
Snyk Open Source adds beta C/C++ security scanning for unmanaged OSS
We’re happy to announce the open beta of C/C++ security support in Snyk Open Source, enabling development and security teams to find and fix known security vulnerabilities in their C/C++ open source code and libraries!
Java JSON deserialization problems with the Jackson ObjectMapper
Learn how Jackson ObjectMapper deserialization vulnerabilities work and how to make sure you are not affected by them.
Snyk achieves AWS Security Competency status
We are very excited to announce that Snyk has achieved AWS Security Competency status, further validating our commitment to security excellence in partnering with AWS! Tested and Trusted by AWS AWS Competency Programs, such as the AWS Security Competency, validate that partners like Snyk have demonstrated technical proficiency and proven customer success in areas like
Securing your open source dependencies with the Snyk Visual Studio Code extension
We’re pleased to announce new functionality within the Snyk Visual Studio Code extension, making it easier for developers to find and fix vulnerabilities and license issues in their open source dependencies!
Snyk Career Stories: Starting and growing your career through the Snyk SDR program
At Snyk, we are deeply invested in career progression and offer our teams tools, skills, and development opportunities necessary to enable our Snykers to become future leaders. One of the places we’ve seen our values in action is through our Snyk SDR program.
Developing custom IaC rules with Snyk
In an increasingly cloud native world, infrastructure as code (IaC) is often the first point of entry into an application. And with technologies such as Kubernetes and Terraform becoming increasingly popular, most app developers will update at least one Kubernetes or Terraform resource at one point in their career. But while updating and maintaining infrastructure