

Cybersecurity company Snyk Ltd. today announced the launch of its Secure Developer Program, a new initiative designed to empower open-source software maintainers with cutting-edge, developer-friendly security solutions.
Through the program, Snyk will provide qualifying open-source projects with its enterprise-grade security tools – including the Snyk Enterprise License – and application programming interface access at no cost. The company will also give projects hands-on support from its developer relations team, its Discord Community and custom Partner Connect access, so that maintainers can implement and use the security tooling with direct help from Snyk’s experts and networks.
Open-source software doesn’t need much introduction, but one key aspect often overlooked is that open-source software can be found in 90% or more of codebases. As a result, a vulnerability in a commonly used open-source library can potentially affect millions of users and businesses.
Snyk argues that fixing even a single open-source vulnerability can have far-reaching benefits and dramatically influence global cybersecurity posture. The Secure Developer Program is about fixing vulnerabilities, and it is an investment by Snyk in the open-source ecosystem that enables contributors to create code and software that’s not only innovative but inherently secure.
“At Snyk we believe each member of the open-source community should play a role in its security,” said Chief Technology Officer Danny Allan. “The unfortunate reality is that many open-source projects lack both the tools and skills to ensure that security. With the Snyk Secure Developer Program, we are offering a first-of-its-kind support to open-source communities that actually helps build enterprise-level security programs that find and fix vulnerabilities in code quickly.”
Snyk has already been supporting some open-source projects. “Snyk supports my project by increasing my awareness about vulnerabilities in project dependencies and offering quick solutions via configurable automatic pull requests,” noted Jorin Vermeulen from the Shoutzor Project.
Snyk is also working with the Linux Foundation to strengthen open-source projects such as the Cloud Native Computing Foundation, one of the largest open-source projects in the market.
Applications for the new program are now open. The only restrictions on who can apply are that participants must have an open-source project that is not backed by a corporate entity and has at least 10,000 GitHub stars.