Cybersecurity company Snyk Ltd. today announced the launch of Snyk API & Web, a new dynamic application security testing or DAST solution designed to meet the growing demands of modern and increasingly artificial intelligence-powered software development.

The new service integrates technology from Probley, a Portuguese startup acquired by Snyk in November, into Snyk’s application security platform. The technology unifies critical AppSec testing techniques into a single developer security platform.

The DAST service seeks to assist in dealing with risks that can occur when businesses increasingly leverage generative AI and use application programming interfaces to bridge the gap between large language models and the applications they fuel. Snyk argues that APIs introduce vulnerabilities that can expose AI models to significant risks, jeopardizing the security of entire software supply chains.

Snyk API & Web offers a robust solution for developers and AppSec teams to proactively discover, inventory and secure API vulnerabilities before they become threats.

The new service offers tools designed to simplify DAST for developers and security teams. Snyk API & Web integrates Probely’s advanced testing technology to not only provide traditional security scans but also leverage AI-driven capabilities to detect vulnerabilities that are often missed by conventional methods. According to Snyk, this makes the solution especially useful in fast-paced development environments where speed and accuracy are paramount.

API & Web also includes an AI-powered API Security Testing engine that uses generative AI and traditional machine learning models. The engine helps developers better map the growing API attack surface and automate the process of scanning for vulnerabilities.

The testing offered by the solution focuses on issues such as Broken Object Level Authorization, one of the most critical vulnerabilities listed in the Open Worldwide Application Security Project’s Top 10 API Security Risks, addressing the specific challenges posed by generative AI and its reliance on APIs.

Snyk is also planning to include enterprise-grade capabilities through a new command-line interface designed for organizations with extensive asset portfolios. Doing so will allow users to programmatically manage scans, targets and findings at scale, all while streamlining workflows and enabling automation across continuous integration/continuous delivery pipelines.

“We’re excited that our customers have recognized the value in a comprehensive, developer-first approach to API Security Testing and Dynamic Testing of Web endpoints,” said Snyk Chief Innovation Officer Manoj Nair. “We’re not only looking forward to more secure generative AI-assisted development but also the ability to significantly revolutionize the DAST space with AI techniques that Snyk continues to deliver to the AppSec market.”

Image: SiliconANGLE/Reve