In an official blog post, CEO and co-founder Guy Podjarny shared that Snyk, a software service startup, wants to continue helping developers find and fix vulnerabilities in their open source code before it goes into production. To that end, the company has announced a $7 million Series A round.
According to the blog post, over 120,000 developers use Snyk to find, fix and monitor for vulnerable libraries. Open source libraries provide a tremendously valuable resource for developers, but in today’s rapid-fire application development environment, it’s not always a simple matter to make sure you’re using secure code.
The funding was led by Boldstart Ventures and Canaan Partners. Heavybit, FundFire, Peter McKay (from Veeam) and many other unnamed investors also participated.
“The company is built on the premise that the development team is uniquely suited to deal with these security problems before their programs go out into the world, rather than a security team that tends to be removed from the development process,” shared Guy Podjarny. When software was built over months and years, this approach worked, but at today’s development speed, having an outside security team checking the software no longer makes sense, he says.
“This funding is a great testament to the importance of having developers own security and the critical need to secure our use of open source codes. It’s also a humbling show of faith in our product and team, who are trusted to deliver and help you – our beloved users – use open source codes and stay secure,” he wrote.
“We integrate elegantly into the development process and find known vulnerabilities in your open source elements and fix them,” Podjarny explained. The company monitors the code right in your GitHub repository, but if you’re concerned about sharing your open source code with a third-party company, you need not worry, he said. “You are only giving us access to manifest files that dictate the files you are going to use,” he said.
Now that Snyk supports the vast majority of languages its users need, the company plans to cover open source libraries for all the languages in developers’ code bases. It also intends to mature its support for the more recently added languages to match the level of subtle understanding and fix capabilities its veteran languages enjoy.