BEST ProductsTech

Snyk provides policy-based code safety to its arsenal – TechCrunch

Sharing is caring!

Final yr was a fairly good one for Snyk, a Boston-based safety firm. It raised a hefty $530 million on a $8.5 billion valuation, and with that form of cash within the financial institution, it’s in all probability not shocking that it went procuring. In February, it purchased developer-focused cloud security company Fugue for an undisclosed quantity.

At present, Snyk introduced a brand new developer-centered cloud safety product at AWS re:Inforce in Boston. The product’s coverage engine allows safety groups to laborious code advanced guidelines into the system to repair issues earlier than they turn out to be a problem, and it’s based mostly on the expertise that Fugue dropped at the corporate.

Former Fugue CEO and co-founder Josh Stella, who’s now chief architect at Snyk, says when Snyk’s co-founder Man Podjarny approached him final yr, they bonded over the thought of placing builders on the middle of the safety answer. “We received right into a dialog about how in each of our views the way forward for safety could be targeted on builders, the builders of methods,” he mentioned.

He says while you have a look at a number of the main breaches lately, they sometimes have concerned system-level safety points that the answer his firm dropped at Snyk is designed to forestall. “Our unified coverage engine will enable each builders and safety practitioners to share an understanding by way of coverage code of what’s protected and safe. And that permits us at Snyk to share with all of our prospects what we all know is protected or unsafe,” he mentioned.

He says this goes past the protoypical form of use case of an Amazon S3 bucket being left uncovered, which he says is never as merely as a misconfiguration. “Fairly often it’s somewhat extra nuanced than that and it’s some mixture of how the applying works within the utility code, how the IAM (id and entry administration) privileges are configured, and the way the S3 bucket is configured,” he mentioned.

“And our method to our coverage engine permits us to look throughout these issues, which is the place the true vulnerabilities are inclined to lie, and the place they get exploited.”

He mentioned that from the start the thought was to combine this answer into the Snyk platform. Snyk CEO Peter McKay says that Fugue’s expertise actually enhances the corporate’s product set, and provides a vital element.

“We would have liked to turn out to be extra developer centric, and we checked out that market. We noticed actually one firm that we thought was essentially the most developer centric, which was Fugue, and [acquiring them] allowed us to carry their capabilities into our platform, which allowed us to supply the fifth product [in our product portfolio],” he mentioned.

The product is accessible to a restricted group of consumers beginning at the moment with normal availability anticipated later this yr. And despite the fact that they’re asserting it at an Amazon safety occasion, it’s going to work on all main cloud platforms.

You may also like

Leave a reply

Your email address will not be published.

nine − 6 =

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.