The AWS cloud platform is one of the most used cloud platforms in the world. It gives companies a level of flexibility with its myriad of uses but it is not without its own challenges, namely, maintaining security.

Managed vulnerability scanning is a cybersecurity service that uses software, vulnerability scanners, human-led and automated penetration testing, and other tools to help an organization identify, track, evaluate, and mitigate security risks both inside their network and connected external sources. Even organizations with the most sophisticated information technology security professionals are challenged when dealing with the hundreds of new threats released into the wild each month.

CVE-2023-2825 vulnerability is a recently discovered vulnerability in GitLab. It allows unauthorized access to GitLab repositories to read arbitrary files. This post will discuss further details of the vulnerability, its location, discovery, and how the Astra scanner scans for it.

We’re excited to announce a new Snyk app for Slack that provides notifications within the channels your teams rely on to address security issues in your code, open source dependencies, containers, and cloud infrastructure. Your developer teams get the notifications that matter the most, in their preferred collaboration platform, so they can act on them immediately.

Designed to support the digital resiliency of financial institutions in the EU and UK, the Digital Operational Resilience Act is set to go in effect in January 2025. In this blog, we take a deep dive into what organizations must do in order to be compliant with this new legislation. Digital resiliency is one of the financial sector's most significant challenges today.

Being one of the world’s largest cloud platforms comes with its own set of challenges. In the case of AWS, the major challenge is maintaining their platform’s security.

Penetration testing is crucial to ensuring a resilient security posture within an organization. It simulates an attack on the system, application, or network to discover vulnerabilities before hackers do. Developers often use penetration testing to verify that applications’ internal resources are safe from unauthorized access. In this situation, the tester or ethical hacker serves as a malicious actor. They gather as much information about the system as possible to find exploitable weaknesses.

The number of detected common vulnerabilities and exposures (CVEs) has significantly increased in the past decade. In the last five years, security researchers reported over 100,000 new CVEs. The highest reported annual figure was in 2022, with over 25,000 new CVEs. This number can overwhelm any security team if it’s not managed correctly between assessment, reporting, remediation, and monitoring.

A security violation in the form of a data breach can create costly damage to a company's reputation. But what exactly is a data breach? The European Commission has divided data breaches into three distinct categories — confidentiality breaches, integrity breaches, and availability breaches: In this article, you'll learn more about what a data breach is and how you can prevent data breaches when designing and developing your software.

We’re thrilled to announce that Snyk has been named a Leader in the 2023 Gartner Magic Quadrant for Application Security Testing! Snyk was named in the Magic Quadrant for Application Security Testing (AST), for the first time, as a Visionary in 2021. And today, we’re excited and honored to announce that Gartner has recognized us in the Leaders Quadrant in the 2023 Magic Quadrant report.

As you all know, KnowBe4 frequently promotes security awareness training and we also mention that unpatched software is a distant number two issue after social engineering. We generally say that unpatched software is involved in 20%-40% of successful exploits. It's been hard though to get good figures on that for years and even CISA has not published hard numbers, even though they appear to focus on it.

The Apache Log4j vulnerability has been making global headlines since it became public on 9th December 2021. The report stated that the vulnerability affects Apache log4j between versions 2.0 and 2.14.1 and is independent of the underlying JDK version. It was a full-blown security meltdown that resulted in hackers performing remote code executions and affected digital systems across the globe. In response, Apache implemented patch fixes, but some components remained unattended.

SBOM is the acronym for Software Bill of Materials, which is a list of all the open source npm packages that are part of your project. But it’s not only limited to open source or software packages, and can include operating system libraries, microservices inventory and more.

The number and complexity of software vulnerabilities is continuously growing. The ability of development and security teams to assess the threat level a given vulnerability poses and prioritize fix efforts accordingly greatly depends on access to as much context as possible about the vulnerability.

Nowadays, the final product of most Git repositories is a Docker image, that is then used in a Kubernetes deployment. With security being a hot topic now (and for good reasons), it would be scanning the Docker images you create in the CI is vital. In this piece, I’ll use GitHub Actions to build Docker images and then scan them for security vulnerabilities. The Docker image built in the CI is also pushed to GitHub’s Docker registry.

AWS vulnerability management is the continuous process of identifying and managing vulnerabilities within your organization’s AWS environment. Vulnerability management in AWS also includes reporting and remediation of detected security risks and is a vital practice in good AWS security management.

Earlier this year, we released a report on the top 10 open source vulnerabilities from data based on user scans — giving you an inside look into the most common (and critical) vulnerabilities Snyk users found in their third-party code and dependencies. Building on this trend, we decided to look into the most common vulnerabilities in first-party code. While OWASP served as a guiding light for open source security intel, gathering data on proprietary code was a bit more complex.

On May 16th, Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Cyber Security Centre (ACSC) released an advisory highlighting the various malicious indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) being leveraged by the BianLian ransomware group.

Analysis of Microsoft Power Platform’s security features revealed limitations that could expose organizations to security risks, such as difficulty enforcing DLP policies for pre-existing resources and issues with HTTP calls or custom connectors.

ServiceNow’s biggest event of the year — Knowledge 2023 — is here, and Snyk is excited to be a part of it with some big news! Back in January, we announced Snyk Security for Application Vulnerability Response to bring Snyk Open Source software composition analysis to ServiceNow Security Operations.

I feel I need to clarify, for legal reasons, that this is nothing to do with any Harry Potter game. The reference is made because we are dealing with spells and magic, and I mean magic in the literal sense, not a reference to application security – although on some/most days it feels like magic. Time-Of-Check Time-Of-Use (TOCTOU) and Race Conditions? What’s it all about?

The healthcare industry has been struck with a growing number of cyberattacks over the last few months, raising concerns in the healthcare industry and in Washington, D.C. The continued onslaught of attacks has raised the question of how healthcare entities can and should be raising their cyber defenses. One potential tool in a hospital, or any industry's toolbox, can be Trustwave's patent-pending Advanced Continual Threat Hunt (ACTH) platform.

Balancing the volume of applications and the increased deployment frequency with the need for security is a struggle for both development and security teams. Recent research indicates that vulnerability management in modern software development has become more complex, with 69% of CISOs acknowledging this challenge. Consequently, many applications are not adequately covered by security scans.

In this post, we’re going to learn how Foundry can be used to write a proof of concept (PoC) for uninitialized smart contract vulnerabilities. We will take a look at and exploit a simple uninitialized smart contract vulnerability we found in BadgerDAO. If you are familiar with this type of vulnerability, jump straight to the Foundry PoC section. You can also find the PoC code on this GitHub repository.

On May 11th, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released an advisory highlighting the active malicious exploitation of CVE-2023-27350 in PaperCut MF and PaperCut NG software by a threat actors including one known as the Bl00dy Ransomware Gang. The US-CERT Alert (AA23-131A) Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG includes detailed information about this investigation (along with attacker TTPs and IOCs).

Ignoring the little stuff is never a good idea. Anyone who has pretended that the small noise their car engine is making is unimportant, only to later find themselves stuck on the side of the road with a dead motor will understand this statement. The same holds true when it comes to dealing with minor vulnerabilities in a web application. Several small issues that alone do not amount to much, can in fact prove dangerous, if not fatal, when strung together by a threat actor.

Web applications are vulnerable to several kinds of attacks, but they’re particularly susceptible to code injection attacks. One such attack, the XPath Injection, takes advantage of websites that require user-supplied information to access data stored in XML format. All sites that use a database in XML format might be vulnerable to this attack. XPath is a query syntax that websites can use to search their XML data stores.

KrakenLabs has developed a new naming convention that uses poisonous plants to represent the origin and criminal activities of threat actors. This approach provides a creative way to classify different types of threat actors, allowing security professionals to quickly understand the nature and behavior of the threat actor, which is helpful for identifying and mitigating threats effectively.

We are honored and humbled to announce Snyk has been named to the CNBC 2023 Disruptor 50 List, following our debut on the Disruptor List in 2021 and our listing as a Top Startup for the Enterprise in 2022. The full list was unveiled this morning. Industry recognitions like this are a testament to all of the hard work and dedication our global team puts into fulfilling our founding mission each and every day: equipping and empowering every one of the world’s developers to build securely.

Organizations can reduce security risks in containerized applications by actively managing vulnerabilities through scanning, automated image deployment, tracking runtime risk and deploying mitigating controls to reduce risk Kubernetes and containers have become de facto standards for cloud-native application development due to their ability to accelerate the pace of innovation and codify best practices for production deployments, but such acceleration can introduce risk if not operationalized properly.

Finding and fixing security issues in your code has its challenges. Chief among them is the important step of actually changing your code to fix the problem. Getting there is a process: sorting through security tickets, deciphering what those security findings mean and where they come from in the source code, and then determining how to fix the problem so you can get back to development. Not to worry — AI will take care of everything, right?

Hackathons are well known among software development teams for driving innovation and collaboration. So, what if we applied that model to cybersecurity to improve an organization’s application security posture? That would be a dream come true for any CISO and security practitioner — and is exactly what we set out to do at Snyk in February 2023. Check out some of the funniest moments from our panels.

In honor of May the 4th, we’re featuring a narrative from an Imperial trooper in a faraway galaxy as he reflects on his organization’s worst day and how it could’ve gone differently. Don’t get me wrong. I’m still proud to work for one of the most formidable organizations in the galaxy. But as most of you probably know, we’ve recently hit quite a setback. Our higher-ups decided to build a space station.

Recently, there has been a flurry of announcements claiming to have what we call Runtime Insights, the ability to prioritize vulnerabilities. Here are two examples: I can confirm that this approach works, and it works very well. It substantially decreases the number of vulnerabilities that a team has to manage, sometimes by a factor of 100 or more! How do I know it? Because Sysdig invented this approach.

Businesses should patch their TP-Link routers as soon as possible, after the revelation that a legendary IoT botnet is targeting them for recruitment. The notorious Mirai botnet, which hijacks control of vulnerable IoT devices, is now exploiting TP-Link Archer AX21 routers to launch distributed denial-of-service (DDoS) attacks.

AI is advancing at a stunning rate, with new tools and use cases are being discovered and announced every week, from writing poems all the way through to securing networks. Researchers aren’t completely sure what new AI models such as GPT-4 are capable of, which has led some big names such as Elon Musk and Steve Wozniak, alongside AI researchers, to call for a halt on training more powerful models for 6 months so focus can shift to developing safety protocols and regulations.

Hello everyone! I’m Yuval Adler, Customer Success Director at Zenity. I’m inviting you to read my blog series where I share new Microsoft Power Platform DLP Bypass findings we’ve uncovered.

Businesses increasingly run on software, which, unbeknownst to its developers, can contain vulnerabilities that attackers often discover and exploit before a patch is available. This makes zero day attacks inevitable, but you can reduce their impact in your network and across your supply chain if you’re prepared to act fast.

Software vulnerabilities are one of the leading threats to an organization's cybersecurity posture, yet recent research from Bitsight reveals that enterprises affected by software vulnerabilities resolve them at a typical compound rate1 of only about 5% per month compounded continuously. However, there is evidence of much faster remediation for certain classes of vulnerabilities.

When a web server receives an HTTP request, it is processed and sent back with a response containing the requested resource and any additional information in the form of HTTP response headers. These headers provide important data, such as last-modified dates, content types, and cache-control settings. The browser then uses this information to determine how to display or store that particular resource. This process helps ensure efficient communication between web servers and browsers.

In our new vulnerability research report, Forescout Vedere Labs discusses an often-overlooked aspect of Border Gateway Protocol (BGP) security: vulnerabilities in its software implementations. More specifically, vulnerabilities in BGP message parsing found in the popular FRRouting implementation that could be exploited by attackers to achieve a denial of service (DoS) condition on vulnerable BGP peers.