URL encoding is a method that ensures your URL only contains valid characters so that the receiving server can correctly interpret it. According to the RFC 3986 standard, URIs (which are a superset of URLs) only contain a limited set of characters consisting of digits, letters, and a few graphic symbols, all within the ASCII character set. If a URL contains characters outside this limited set, the characters must be percent-encoded.

As secrets have a role in most security incidents, Snyk is excited to partner with GitGuardian to help development and security teams scale their security programs and further reduce an application's attack surface at every stage of the code-to-cloud lifecycle. We recently spoke at GitGuardian's first digital conference, CodeSecDays, joining security leaders from Chainguard, Doppler, Kondukto, and more — who shared insights on software signing, open source security, and secrets management.

Incorporating security into the software development lifecycle helps ensure the creation of secure and robust software applications from the very beginning. To further evolve our security offerings in the developer community, we announced our partnership with Atlassian to introduce Snyk Security in Jira Cloud as a part of the Security in Jira launch in June. Snyk started gradually rolling out the Jira Security App and has significantly improved the functionality and features available to users.

On August 8, 2023, the.NET community was informed that the testing library called Moq exfiltrates developer's emails from their development machine and sends them off to third-party remote servers. Snyk has already published a security advisory and will alert developers who scan and monitor their.NET projects with Snyk.

As the partnership between Snyk and GitGuardian continues to grow, we’ve collaborated on a new cheat sheet that identifies key security considerations and tools that can help you mitigate risks and protect your code. The journey from code to cloud and back to code necessitates a holistic approach to security.

I am excited and humbled to share that Snyk has been named to the prestigious Forbes Cloud 100 list for the fourth consecutive year, coming in at #19. The full list was unveiled this morning. This recognition follows a number of significant company milestones, including being named a leader in both the 2023 Gartner® Magic Quadrant™ for Application Security Testing and The Forrester Wave™: Software Composition Analysis, Q2 2023 report.

Today’s discussions on AI are often affected by emotions like fear and awe, as well as the fact that AI is reduced to large language models (LLM) — but this isn’t the entire story. So, let’s step back from these fears and dig into the data explaining why AI is richer than LLMs.

The Document Object Model (DOM) acts as an interface between HTML and JavaScript, bridging the gap between static content and dynamic interactivity. This function makes the DOM indispensable for modern web developers. However, the DOM has a pitfall — DOM clobbering. DOM clobbering occurs when HTML elements conflict with global JavaScript variables or functions, which can lead to unexpected behavior and a potential security loophole in your web application.

With the SEC's adoption of new rules on cybersecurity risk management, strategy, governance, and incident disclosure by public companies, one thing is clear: better definitions are required.

When you rely on a tool to support you in an intense situation, you probably want reassurance that it got tested for extreme conditions. For example, if you’re about to go skydiving, you'd want to know that the parachute strapped to your back underwent rigorous testing and will perform it's needed most. The same is true with the systems supporting our security initiatives. What happens when those systems are under high pressure in an emergency?