Developers can now deliver open source components securely
In an official blog post, CEO and co-founder of Snyk, Guy Podjarny, has shared that, as a software service startup, the company wants to continue to help developers find and fix vulnerabilities in their open source code before it goes into production. For this purpose, the company has announced that it has successfully closed a US$7 million Series A round of funding.
As per the blog post, over 120,000 developers use Snyk to find, fix and monitor for vulnerable libraries. Open source libraries provide a tremendously valuable resource for developers, but in today’s rapid-fire application development environment, it’s not always a simple matter to make sure you’re using secure code.
The funding was led by Boldstart Ventures and Canaan Partners.
Heavybit, FundFire, Peter McKay (from Veeam) and many other unnamed investors also participated.
“The company is built on the premise that the development team is uniquely suited to deal with these security problems before their programs go out into the world, rather than a security team, which tends to be removed from the development process,” shared Guy Podjarny. “When software was built over months and years, this approach worked, but at today’s development speed, having an outside security team checking the software no longer makes sense,” he said.
“This funding is a great testament to the importance of having developers own security and the critical need to secure our use of open source code. It’s also a humbling show of faith in our product and team, who are trusted to deliver and help you – our beloved users – use open source code and stay secure,” Podjarny wrote.
“We integrate elegantly into the development process and find known vulnerabilities in your open source elements and fix them,” Podjarny explained. “The company monitors the code right in your GitHub repository, but if you’re concerned about sharing your open source code with a third-party company, you need not worry about that,” he said, adding, “You are only giving us access to manifest files that dictate the files you are going to use.”
Since Snyk supports the vast majority of languages that users need, the firm plans to cover open source libraries for all the languages in developers’ code bases. The firm also intends to mature its support offerings for the more recently added languages to match the level of subtle understanding and fix capabilities that veteran languages enjoy.