Rapid7, a leading provider of security analytics and automation, and developer-first company, Snyk, announced a strategic partnership to deliver end-to-end application security to organizations developing cloud-native applications.
Together, Snyk and Rapid7 will provide businesses with a comprehensive approach to modern application security, offering continuous integrated security from the beginning of the application development process through continuous monitoring and protection in production.
Through this partnership, developers will be empowered to take responsibility for security by helping them find and fix vulnerabilities early in development while giving security teams the ongoing control and visibility they need. Additionally, it will help customer organizations bridge the traditional gap between security and development, allowing them to work together to scale security, as well as understand and mitigate risk and enhance cloud security.
According to a recent Forrester report on the state of application security, web applications and software vulnerabilities are the top two ways external attacks are carried out1. Additionally, recent research from Snyk found that vulnerabilities in open source libraries are growing rapidly, nearly doubling in two years.
“Cloud-native applications have driven the industry to adapt and create a more integrated approach to application and infrastructure security, and we are excited to integrate Snyk’s vulnerability intelligence into our Insight cloud products,” said Cindy Stanton, vice president, vulnerability and risk management, Rapid7. “Through this partnership, Rapid7 and Snyk are helping our customers to create a workflow that brings developers closer to security and enables IT, teams, to fix vulnerabilities fast and early, at scale.”
With the goal of providing customers with deeper insight into modern application security, Rapid7 will begin integrating Snyk’s vulnerability database into its existing vulnerability intelligence to offer significantly more detailed and timely coverage of open source risks. As a Snyk Intel Partner, Rapid7 will add the Snyk vulnerability database to its Insight cloud solutions to enhance vulnerability visibility analysis across the Rapid7 portfolio. Ultimately, Rapid7 customers will be able to access Snyk’s developer-first approach to open source and container security and automate fixing to assist them in finding vulnerabilities early and often.
“Modern businesses today cannot invest in moving to the cloud without an end-to-end application security strategy that enables teams to continuously secure and protect their software development life cycle,” said Peter McKay, CEO, Snyk. “Rapid7 shares our vision to automate and monitor security at scale by providing security, DevOps and development teams with the solutions they need to achieve fast, secure application delivery.”