snyk
Safeguard articles tagged "snyk" — guides, analysis, and best practices for software supply chain and application security.
81 articles
How Snyk identifies dependency confusion attacks in priva...
A technical look at how Snyk detects dependency confusion attacks — from vulnerability database malicious-package flags to registry scoping and Advisor scoring.
How Snyk's open-source license compliance engine classifi...
How Snyk's license compliance engine groups open-source licenses and maps them to low, medium, high, and critical severity levels.
How Snyk's default license policy is structured and how t...
How Snyk structures its default license policy—severity tiers, unknown-license handling, and PR enforcement—and the concrete steps to customize it for your org.
How Snyk keeps its license classifications aligned with t...
How Snyk detects, normalizes, and categorizes open source license metadata against the SPDX License List to power its license compliance policies.
How Snyk detects deprecated or unmaintained packages befo...
A look at how Snyk Advisor scores package maintenance health and surfaces deprecated or abandoned dependencies before they turn into security incidents.
How Snyk scans NuGet and .NET project files for vulnerabl...
How Snyk resolves NuGet and .NET dependency graphs from csproj, packages.config, and project.assets.json files to find vulnerable packages.
How Snyk scans Composer/PHP and RubyGems dependency manif...
A technical look at how Snyk parses composer.json/composer.lock and Gemfile/Gemfile.lock to build dependency trees and match PHP and Ruby packages against known vulnerabilities.
How Snyk's exploit maturity rating is researched and assi...
A look at how Snyk researches and assigns exploit maturity ratings — the categories, the manual research process, and how the label shapes vulnerability prioritization.
How Snyk handles vulnerability remediation for indirect (...
How does Snyk fix vulnerabilities buried in transitive dependencies you never directly installed? A look at dependency graphs, upgrade paths, and pinning.
How Snyk's .snyk file structures ignore rules with expiry...
How Snyk's .snyk file encodes vulnerability ignore rules using reason and expiry date fields, and what happens in CI once an exception lapses.
How the --policy-path option centralizes ignore rules acr...
A technical look at how Snyk's --policy-path flag lets teams share one .snyk ignore file across repos instead of duplicating exceptions everywhere.
How Snyk continuously monitors production dependencies fo...
A technical walkthrough of how Snyk's continuous monitoring uses dependency snapshots, vuln-DB updates, and priority scoring to flag newly disclosed CVEs in production.