UPDATED 11:50 EDT / JANUARY 22 2020

SECURITY

Snyk focuses on 28 million developers to address the application security challenge

It would be nice if imported open-source code arrived vulnerability free, but that’s not how the real world works.

Code can have hidden traps, and corporate cybersecurity organizations are often too busy putting out fires to effectively monitor open-source integrations for cleverly disguised viruses or malware. So, why not put security tools in the hands of developers, the people most responsible for building the application itself?

That’s the basic premise of Snyk Ltd., a security company that provides developer-first tooling designed to build protections into the continuous development process. And it all starts with the company name, a play on “now you know,” according to its current chief executive officer.

“Now you know a lot more about your applications than you ever did before,” said Peter McKay (pictured), chief executive of Snyk. “There’s 28 million developers in the world. What we want is every one of those 28 million to be using our product. Whether it’s free or paid, I want Snyk used in every application development lifecycle.”

McKay spoke with Dave Vellante, host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, in Boston. They discussed the company’s latest funding round, how Snyk devotes significant resources to scanning for the latest threats, and the importance of leveraging the developer community to address application security.

Large customers buy-in

From its founding in 2015, Snyk has targeted the developer community with tools to find and fix vulnerabilities in source code and containers. The company has attracted large customers, such as Google LLC., Salesforce Inc., and telecom giant Orange S.A., while supported by several rounds of investment.

After funding of $22 million in 2018 and $70 million last year, Snyk announced this week that it raised an additional $150 million led by the private equity firm Stripes. The company now has a valuation of more than $1 billion.

“We weren’t looking to raise; this was something that came to us,” McKay said. “They’re really helping us grow this business internationally. It allows us to do the things we want to do faster.”

Synk’s technology is built for integration into developer workflows, including repositories such as GitHub, Bitbucket and GitLab. The company has 400,000 developers already on board who are leveraging application security tools and a database of vulnerabilities that is continually updated for the latest threats.

“We have 15 people in our security team that do nothing every day but look for the next vulnerability,” McKay said. “More software equals more software risk. We’re measured by how many vulnerabilities we fix.”

Snyk’s expanding adoption within the developer community comes at an important time as evidence mounts that malicious actors are turning their attention to weaknesses in cloud-native architectures. Researchers at McAfee LLC recently noted that container exposures and application programming interface vulnerabilities were among the top cyber threats in 2020.

“With more open-source and containers, the challenge of being able to address these cybersecurity issues has never been more challenging,” McKay said. “You’ve got to leverage the 28 million developers who are developing the applications. It’s the only way to solve this problem of the application security challenge.”

Here’s the complete video interview, one of many CUBE Conversations from SiliconANGLE and theCUBE:

Photo: SiliconANGLE

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU