Looking for highly technical articles? Our Engineering team is here to provide you with tool- and technology-specific content, as well as in-depth technical guides to Snyk products.
Are you looking for best practices on how to build Node.js Docker images for your web applications? Then you’ve come to the right place! This cheatsheet provides production-grade guidelines for building optimized and secure Node.js Docker images.
Developing Kubernetes applications can be hard. We’re often dealing with microservice architectures with a lot of moving parts, along with developing the cluster configuration to hook them all together, and workflows for rapid iteration and testing can become convoluted and hard to manage for engineering teams. This is where tools like Tilt come in. Tilt […]
Java serialization is a mechanism to transform an object into a byte stream. Java deserialization is exactly the other way around and allows us to recreate an object from a byte stream. Java serialization—and more specifically deserialization in Java—is also known as “the gift that keeps on giving”. This relates to the many security issues […]
Git is a fantastic tool many developers use for version control on their projects. Although there are many other version control systems—like Subversion (SVN) and Concurrent Versioning System (CVS)—git is by far the most commonly used. A good reason for this is the focus on distributed development and the easy way to use branches. Let’s […]
As the container ecosystem has matured, the one thing we’re not short on is options—both in terms of the software we use, and how we plug it all together. One of these options would be the combination of Buildah, Podman, and Skopeo—three open source command line tools with their origins in the Red Hat ecosystem. As […]
Over the past year, we have been working hard to improve our testing for Gradle projects imported from Git repositories by making it more reliable, accurate, and scalable. We understood that parsing a Gradle manifest, instead of a Gradle lock file, would be a never-ending war that we would always lose. Trying to interpret the […]
Kernel privilege escalation: how Kubernetes container isolation impacts privilege escalation attacks
During the day, I spend my time analyzing Terraform code, Kubernetes object configuration files, and identifying common security issues. When the sun sets, I put on my hoodie, fire up Linux VMs and debuggers to look under the hood of technologies that make up the cloud native ecosystem. In this post, we will explore how […]
Using git as a code versioning tool is a day-to-day activity for developers, and some of you may be practicing your git workflow through the command line. Preferably with a dark theme too, right? Although a GUI for git might come in handy for an integrated development environment (IDE) such as IntelliJ, or VS Code, […]
As engineering managers, we carry many responsibilities. Two critical responsibilities I have come across throughout my career are: delivering high-quality features on time, and supporting your team members’ professional growth and development. Senior engineers are a key enabler to both responsibilities. They are the main players the team lead can rely on to achieve these goals. […]
Snyk helps our customers to integrate security into their CI/CD pipelines, so we spend a lot of time thinking about automation. When it comes to releasing our own software, we’re always looking to adopt best practices for test and release. In this blog, I’ll talk about the release process for our Kubernetes Operator, and show […]
Over the last few years, following Docker’s release, containers have become more and more the standard mechanism for software delivery. We see a growing number of container-based solutions and while innovation in the space is obviously welcomed, there is a requirement for establishing certain standards around format and runtime. Because of the rapid growth of […]