Resources

Understanding Server-Side Template Injection in Golang

SSTI can open the door to escalating security risks such as file inclusion, Cross-Site Scripting (XSS), or even Code Injection Attacks.

OpenCart Vulnerability Research (v4.0.2.3/3.0.3.9)

Discover the security vulnerabilities in OpenCart's admin and customer functionalities, including XSS, Zip Slip, and SQL Injection exploits. Learn how these flaws impact e-commerce systems and how attackers can exploit them for remote code execution.

Golang SQL Injection By Example

Learn how to prevent SQL injection in Golang applications by using prepared statements and parameterized queries and leveraging tools like Snyk for vulnerability detection.

Scaling Application Security for GenAI with Snyk and Deloitte

Don’t Get Too Comfortable: Hacking ComfyUI Through Custom Nodes

This research focuses on ComfyUI, a popular stable diffusion platform with over 1,300 custom node extensions available. Through real-world examples, we demonstrate how even seemingly minor vulnerabilities in custom nodes can lead to full server compromise and explore practical strategies for securing applications that rely on third-party plugin ecosystems to minimize these risks.

The Importance of Code Quality

Code quality is crucial for building high-quality, secure applications. Learn more about code quality, secure development, and Snyk’s code checker.

Top 10 application security acronyms

Read all about AppSec acronyms you need to know to be able to freely discuss the results of a recent penetration test or static analysis of the code.

A deep dive into cyber threat intelligence

As companies continue to adopt cloud native technologies, nearly 60% have increased concerns about their security posture.

Docker Security - Challenges & Best Practice

Docker security is the practice of protecting containers, applications, host systems, and anything else related to Docker. Learn more with our full guide.

AWS security: Complete guide to Amazon cloud security

What is AWS security? How secure is AWS? Explore Snyk’s top tips to help you secure your AWS deployments, and maintain visibility of your AWS resources in development and production.

Top 10 Node.js Security Best Practices

Read about five major Node.js security risks and the top ten best practices you can implement to address them and stay secure while building applications.

Java Security Explained

Learn about the basics of cybersecurity in the Java Security ecosystem, including cryptography, application authentication, and more.