Snyk – a leader in developer security – announced the acquisition of Helios, an industry pioneer capturing application runtime data, to further enhance Snyk’s cloud-to-code risk visibility. This acquisition marks a milestone in Snyk’s Application Security Posture Management (ASPM) journey, accelerating the evolution of Snyk AppRisk and allowing enterprise security teams to more effectively manage their global application security programs at scale.
Through the pace of software development continuing to increase, many enterprises aspire, but struggle, to have a deep understanding of their apps from cloud-to-code in order to get a full picture of their overall risk. And in direct response, Snyk will now combine Helios’ full-stack runtime data collection and insights with the power of the Snyk Developer Security Platform to provide customers with a comprehensive picture of their applications, spanning the entire software development lifecycle.
The market landscape leaves mature security teams wanting as traditional AppSec vendors are unable to correlate build-time security scans with live runtime security signals while runtime forensics vendors lack crucial developer understanding. And Snyk customers can now leverage security context from all phases of development from when code is built, to when it is compiled, to when it is deployed.
Through Helios’ runtime forensic capabilities, Snyk customers will now have access to:
1.) End-to-end application discovery – Holistic visibility of an entire application environment
2.) Risk-based prioritization – Ability to use actionable runtime insights to focus remediation efforts where they matter most to the business
3.) Full-stack runtime data collection, including multiple data collection methods to ensure a comprehensive picture of applications in runtime
Helios’ acquisition is Snyk’s latest move demonstrating the company’s vision for developer-led ASPM. Snyk acquired ASPM leader Enso Security in June 2023, adding notable prioritization and remediation capabilities to their existing platform. And in December, the company closely followed that acquisition with the launch of its market-disrupting ASPM solution, Snyk AppRisk, a first-of-its-kind tool designed to help AppSec teams govern their security program in seamless collaboration with development and reduce risk at scale.
Modern AppSec and development teams need one field of vision of which risks are present and which should be prioritized. And deep application understanding and development context, from developer-focused tools that analyze source code, libraries and configurations, is crucial to preventing risks that appear during the early stages of application development.
After being combined with runtime analysis, or the evaluation of applications after deployment, both of these forms of analysis inform much sharper insight into application behaviors and risk, enabling organizations to prioritize remediation effectively and alleviating alert fatigue by discerning actionable threats from non-issues.
Through Helios’ functionality, Snyk is able to now additionally bring greater benefit to their strategic partners by leveraging these runtime insights for complementary value. In the near- and long-term, Snyk looks forward to creating even more advantages and opportunities within its partner ecosystem for mutual customers looking to benefit from enhanced runtime data, visibility and analysis.
KEY QUOTES:
“As the pace and complexity of software development continues to rapidly increase, we’ve seen our global customers reap enormous productivity gains, but often at the cost of increased risk and critical security concerns. This acquisition was executed with those valid concerns top of mind. We’re excited to welcome the Helios team and look forward to continuing to push the market forward with our ASPM vision and enhanced solution.”
— Peter McKay, CEO, Snyk
“This is an incredible opportunity for the Helios team to join Snyk and change how the industry views ASPM, and we’re thrilled that our technology will immediately be able to help more AppSec and developer teams be successful. We’ve long admired Snyk’s approach and proven success and we’re honored to join this innovative, collaborative culture.”
— Eli Cohen, Co-Founder and CEO, Helios
“Runtime context is critical to properly prioritizing application security issues. The Snyk+SentinelOne integration identifies which container images are deployed in runtime and whether they have malware or other threats associated with them. Snyk users can leverage this information to identify which container image vulnerabilities should be prioritized for remediation.”
— Ely Kahn, VP Product, SentinelOne
