Cybersecurity startup Snyk Ltd. today unveiled a range of enhancements to its developer security platform to advance the company’s developer-first approach to DevSecOps, the practice of integrating security testing at each stage of the software development process.

Leading the list is the addition of a developer application security posture management or ASPM feature, designed to streamline the management of application security posture. The technology comes partly from Snyk’s acquisition of Enso Security, which it announced today for an undisclosed price

The company says the new feature enables both development and security teams to prioritize and focus on the most pressing risks. The ASPM was designed to respond to the escalating complexity of application environments, which has led to an uptick in improperly prioritized security issues.

In addition to the ASPM feature, Snyk also announced the integration of DeepCode AI. The integration is a result of Snyk’s 2020 acquisition of DeepCode and now forms the backbone of the platform.

DeepCode AI delivers productivity enhancements by employing multiple AI models without compromising security. One of the update’s highlights is DeepCodeAI Fix, which uses generative and symbolic artificial intelligence to propose secure code fixes directly from an integrated development environment, contributing significantly to developer efficiency.

Another enhancement unveiled by Snyk involves improved software supply chain security. The upgrade facilitates increased transparency by enabling security teams to generate Software Bills of Materials. SBOMs are comprehensive lists of components used in a software product, including libraries and their respective owners. They provide critical transparency for security teams, allowing them to identify where vulnerabilities exist in their application ecosystem, facilitating faster and more effective mitigation efforts.

Snyk says its application of SBOMs helps in more precise tracking of applications, the libraries they use and their respective owners. Further emphasizing transparency and collaboration, the new features allow developers to include the creation of SBOMs in their automated workflows and share these across the entire organization.

Finally, the company also revealed two new initiatives on its educational platform, Snyk Learn, that are aimed at addressing the global cybersecurity talent gap. The platform’s content now aligns with the National Institute of Standards and Technology’s National Initiative for Cybersecurity Education Framework guidelines. The alignment represents a shift toward a more structured and comprehensive approach to cybersecurity education.

The company was last in the news in January when it raised a $25 million strategic investment from ServiceNow Inc. According to Crunchbase, Snyk has raised $1.2 billion to date from investors, including Sands Capital Ventures Ltd., Evolution Equity Partners LLC, G Squared Inc. and Tiger Global Management LLC.

Image: Snyk