Snyk Integrated Into Google Chrome Lighthouse Auditing Tool


British software company Snyk on Thursday announced it's powering the audit meant to identify vulnerable JavaScript libraries in Google Chrome's Lighthouse, an open-source tool for reviewing and improving websites. The implementation of Snyk's solution supports the "Best Practices" audit feature that's live as of Chrome 63 and is meant to identify front-end JavaScript libraries with known security flaws. In practice, web developers should be able to leverage the highly automated tool to quickly discover critical information they need to address the most significant vulnerabilities in their website code, hence approaching the issue in a proactive manner.

The integration works regardless of whether you prefer Lighthouse as a node module or a browser extension, in addition to being featured as part of Chrome's own native developer tools. As a result of the new functionality, known JavaScript library vulnerabilities discovered as part of such inspections will result in a lower audit score and provide web developers with an in-depth report of every individual vulnerability identified following an examination of active libraries against Snyk's own database. Snyk Chief Executive Officer Guy Podjarny said recent research suggested approximately 37-percent of websites had at least one problematic client-side JavaScript library with a known security flaw as of early 2017, having noted how the London-based firm is hoping to significantly lower that figure with its newly announced Google partnership. As per the company's own study conducted more recently, 77-percent of the world's top 433,000 websites are using a JavaScript library with one or more known security vulnerabilities.

Companies like Snyk and the solutions they're providing to the community are some of the main arguments against the "security through obscurity" approach, having dedicated themselves to supporting and auditing open-source software with the goal of improving its overall resilience to being compromised. Snyk says its technologies allow developers to save time by being relatively automated and providing them with a reliable method of securing their dependencies in a swift manner.

Google Chrome Lighthouse

Share this page

Copyright ©2018 Android Headlines. All Rights Reserved.

This post may contain affiliate links. See our privacy policy for more information.

Dominik started at AndroidHeadlines in 2016. He’s approaching his first full decade in the media industry, with his background being primarily in technology, gaming, and entertainment. These days, his focus is more on the political side of the tech game, as well as data privacy issues, with him looking at both of those through the prism of Android. Contact him at [email protected]

View Comments