BOSTON – October 6, 2021 – Snyk, the leader in developer security, today announced at its flagship event, SnykCon 2021, new product innovations and partnerships as well as a free new developer security education program, Snyk Learn. Through the creation of Snyk Impact, the company also outlined its ongoing commitment to a more secure, inclusive and sustainable software development sector.
"We're thrilled to kick off SnykCon 2021, welcoming a record number of 10,000+ developers and security experts this year," said Guy Podjarny, Founder and President, Snyk. "Developer security is the only way we can effectively scale security, and this great community is what's making it happen. We look forward to a collaborative, inspiring and fun next two days that helps more of the world's developers to embrace security and build it into their daily lives."
Rapid Innovation Across The Snyk Developer Security Platform
As more individual developers as well as global organizations adopt Snyk to evolve from DevOps to DevSecOps, Snyk has continued to rapidly innovate across its platform and individual core products.
Over the course of 2021, Snyk's industry leading developer security platform has seen rapid adoption with more than 300 million tests run by Snyk users and customers in the past twelve months and more than 30 million vulnerabilities fixed within the last 90 days.
In particular, Snyk Code, first announced at SnykCon 2020, continues to disrupt legacy static application security testing (SAST) tools. One year after launching, today hundreds of global enterprises are leveraging the product to reimagine SAST as a seamless part of their development processes, enabling their developers to continue to build fast while staying secure.
Specific new updates to be shared and highlighted at this week's event include:
- Snyk Open Source: New language support for Elixir and package managers Yarn 2 and Poetry; Native integrations with Atlassian BitBucket and AWS CodePipeline; Integration of FossID's C++ scanning support including unmanaged open source, binary detection and best in-class code snippet analysis.
- Snyk Container: Expanded container registry support for Quay, Github Container Registry, GitLab, Google Artifact Registry, Harbor and more. New support for Trivy open source container scanning tool with Snyk's vulnerability database.
- Snyk Infrastructure as Code: New support for detecting configuration issues in Kubernetes manifests in Terraform code with compatibility for AWS, Azure or GCP.
- Snyk API v3: Based on the latest version of OpenAPI, v3 of Snyk's API is 3x faster, 20x more performant, with new issues, projects and endpoints also available.
- Snyk Apps: Powered by the new Snyk API v3, SnykApps is a new way for developers to create a seamless extension of any workflow with a single click.
Welcoming Digital Ocean and HashiCorp to Snyk's Developer Security Ecosystem
Snyk has more than 100 partnerships and integrations with industry leaders like Atlassian, AWS, Datadog and Docker. Today, Snyk welcomes new partnerships with DigitalOcean and HashiCorp to further expand its developer security ecosystem.
Snyk and DigitalOcean are partnering to help developers secure containerized applications during development so they can deploy them with confidence. The companies have also additionally committed to future integrations that will enable security to be further embedded within existing developer workflows.
The Snyk integration to HashiCorp Terraform Cloud solves configuration security challenges that arise when delivering infrastructure as code. This enables developers to fix issues before deploying to production environments.
Introducing Snyk Learn: Empowering Developers with Security Education
Today's developers require just-in-time learning experiences as they code and build applications. Snyk Learn is designed to help developers learn about and fix the vulnerabilities they find using Snyk, as well as offer bite-sized security lessons in the coding language or ecosystem of their choice. Snyk Learn is a free security education product that puts developers fully in control of their own security education journey.
Snyk Learn includes:
- Modular learning content for critical security topics such as SQL injection, directory traversal, prototype pollution and cross-site scripting, with more to come in Q4 2021.
- Hands-on, step-by-step instructions and code-driven learning examples.
- Detailed tips for preventing and mitigating attacks from happening.
- Integration with the Snyk Developer Security Platform as well as Snyk Advisor.
Developers can explore initial Snyk Learn courses today at https://learn.snyk.io.
Unveiling Snyk Impact: Community Collaboration to Create Lasting Social Impact
Snyk has also announced Snyk Impact, a social and environmental impact program designed to create a more secure, inclusive and sustainable software development and social impact sector. The program is aligned with environmental, social and governance (ESG) approaches and fully embedded into Snyk's strategy, operational effort and governance structures.
To kick off this program, Snyk is contributing 100% of SnykCon sponsorship proceeds as well as matching up to $100,000 raised at SnykCon via the Snyk Community Impact Center to benefit Snyk's initial cohort of tech nonprofit partners, all dedicated to furthering diversity in the tech industry, including AIEDU, CareerVillage, DevelopforGood, FastForward, LearningEquality and UPchieve.
In the coming months, specific company commitments will be introduced in order to:
- Increase diversity, equity, inclusion and belonging within the developer security community.
- Further DevSecOps and broader digital capacity for the global social impact technology sector (nonprofits and certified B Corps in particular).
- Following achieving CarbonNeutral certification in 2020, continue to weave sustainability practices into Snyk's planning, decision-making, business practices and partnering across the entire enterprise.
"At Snyk, we care deeply for one another and the developer and security communities as well as the larger world around us," said Dipti Salopek, Vice President, Social Impact, Snyk. "We are now thrilled to introduce Snyk Impact to mobilize our resources to make lasting positive change an integral part of our overall business strategy."
Visit the Snyk blog to learn more about the good work Snyk is already doing in this realm, as well as future plans.
Snyk is the leader in developer security. We empower the world's developers to build secure applications and equip security teams to meet the demands of the digital world. Our developer-first approach ensures organizations can secure all of the critical components of their applications from code to cloud, leading to increased developer productivity, revenue growth, customer satisfaction, cost savings and an overall improved security posture. Snyk's Developer Security Platform automatically integrates with a developer's workflow and is purpose-built for security teams to collaborate with their development teams. Snyk is used by 1,200 customers worldwide today, including industry leaders such as Asurion, Google, Intuit, MongoDB, New Relic, Revolut and Salesforce.