Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Welcome to the second part of our two-part special on Gartner’s “4 Ways Generative AI Will Impact CISOs and Their Teams” report! If you’ve missed the first part on model composition, you can read it here. Today, we will explore why security specialism matters in an AI security tool, particularly where AI quality is concerned.

Snyk’s goal has always been to empower developers to build fast but safely. This is why we created the developer security category and why we were amongst the first advocates of “shifting left.” Now, AI has changed the equation. According to Gartner, over 80% of enterprises will have used generative AI APIs or models, or deployed their own AI model, by 2026.

Over the years, application vulnerability management has been vital to DevSecOps — which emphasizes shared security responsibility across teams. However, as development practices have evolved, security teams must learn how to adapt and meet developers within their existing workflows. For example, containerization, infrastructure as code (IaC) AI coding assistants, and increased reliance on third-party code are all commonplace in the typical development lifecycle.

We are thrilled to announce the new Snyk Analytics for Snowflake, allowing Snyk customers to seamlessly access and analyze Snyk’s data from their Snowflake account.

AI adoption continues to move at a breakneck speed for businesses across the globe, as shown in a Coatue report comparing AI adoption to early internet adoption and found that AI growth is happening at two times the speed of the former.

In the fast-paced world of modern software development, grasping the full scope of an application is essential for managing an application security program. This entails having visibility into all the application assets involved in building the app, knowing their ownership, and understanding their importance to the development process and the broader business.

Welcome, fellow developers! In this blog post, we are going to delve deep into the world of application security, specifically focusing on a vulnerability that can deteriorate FastAPI security: Denial of service (DoS) caused by insecure regular expressions (regex).

SQL injection (SQLi) is one of the most severe security vulnerabilities in web applications. It occurs when an attacker is able to manipulate the SQL queries executed by an application by injecting malicious SQL code into user input fields. SQLi can lead to unauthorized access to sensitive data, data corruption, or even complete control over the database server.

In this post, we explore a powerful, yet widely unknown attack vector which has emerged in the last couple of years known as ‘Repo Jacking’. During our research, we discovered the enormous potential to compromise software components with tens of millions of downloads across the Terraform IaC (Infrastructure as Code) and Composer (PHP package registry) ecosystems. Despite its power, Repo Jacking remains under-researched and frequently misunderstood.

If you’ve been searching for guides and tutorials on getting started with Deno web development in a cloud IDE such as GitHub Codespaces, you’ve come to the right place. In this post, we will be exploring the world of Deno, GitHub Codespaces, and Dev Containers, providing you with the knowledge you need to set up your development environment effectively and efficiently in the cloud.