Security for Developers
Snyk is a developer security platform that enables application and cloud developers to secure their whole application — finding and fixing vulnerabilities from their first lines of code to their running cloud. Snyk combines the power of developer-first tooling with best-in-class security intelligence. Snyk Learn teaches developers how to stay secure with interactive lessons exploring vulnerabilities across a variety of languages and ecosystems.
Snyk security researchers augment their expertise with advanced ML and human-in-the-loop AI so they can provide the most accurate, timely and comprehensive intelligence on the market. This security intel is the foundation of their platform, spanning the Snyk Intel Vulnerability Database, the Snyk Code knowledge base, and their Cloud/IaC unified policy engine.
Sign-up using Google and your @nyu.edu email address.
By completing this learning path, you will understand the below list of vulnerabilities along with how they work and how to mitigate each one.
- SQL injection
- Prototype pollution
- XPath injection
- NoSQL Injection
- XXE - XML Ext Entity injection
- Code injection
- Directory traversal
- Insecure Randomness
- Insecure hash
- Insecure design
- Vulnerable and deprecated components
- Logging vulnerabilities
- SSRF (server-side req forgery)
- Broken access control
To earn the Security for Developers badge:
Approximate time to earn Security for Developers Badge: 8 hours
Prerequisites Required: None but an understanding of code is helpful