CIO Influence
CIO Influence News IT and DevOps Security

Snyk Builds Security into AWS CodePipeline to Mitigate Open Source Risk for Developer

Snyk Builds Security into AWS CodePipeline to Mitigate Open Source Risk for Developer
Latest integration inside the AWS CodePipeline console builds upon continued collaboration to deliver Snyk products within the AWS DevOps segment, AWS Marketplace, and AWS GovCloud

Snyk announced it has built an integration inside the AWS CodePipeline console. This new integration allows AWS CodePipeline users to build automated security controls into their deployment pipeline without having to leave the Amazon Web Services (AWS) console, bringing the Snyk experience directly to AWS users, and empowering them to more efficiently find and fix vulnerabilities in open source code when building cloud native applications on AWS.

Recommended ITech News:  VMware Helps Secure the World’s Digital Infrastructure and Anywhere Workspaces

As security becomes an increasingly crucial priority for development teams, Snyk has worked closely with AWS to automate security tooling onto AWS’s continuous delivery services, accelerating triaging and empowering agility in development when making application and infrastructure updates.

Snyk’s integration inside the AWS CodePipeline console is the latest in a number of key integrations with AWS services, helping customers build security into applications at each level of the technology stack using an intuitive, developer-friendly security platform. Snyk allows DevOps and engineering teams to accelerate security testing by first detecting vulnerabilities in the developer IDE. Using Snyk’s feature-rich CLI, developers can also secure various elements of their workflow such as AWS CodeBuild and AWS CodeCommit. AWS users can then leverage Snyk’s integrations with Amazon Elastic Container Registry (Amazon ECR) and Amazon Elastic Kubernetes Service (Amazon EKS) to scan container images and Kubernetes clusters for vulnerabilities and misconfigurations, even mapping new vulnerabilities to any container images already deployed in a Kubernetes cluster. For serverless workloads, Snyk scans AWS Lambda functions for vulnerabilities and can gate deployments through the CI/CD stage to ensure that only secure workloads are permitted to run in production.

Recommended ITech News:  SS&C Unveils Advanced In-Region Data Storage for Japanese Clients

This latest integration inside the AWS CodePipeline console expands upon Snyk’s ongoing collaboration with AWS to ensure that both development and security teams are able to leverage automated tooling to mitigate their open source risk as part of the development process, positively affecting the way they work and interact with one another.

  • Development teams: can easily find, prioritize and fix vulnerabilities in their open source dependencies, delivering secure code faster than their competition without having to adopt gated security audits that disrupt application deployment.
  • Security teams: can enable improvements to the development process that ensure that all applications are continuously scanned for vulnerabilities without requiring the security team to manually meet the break-neck speed of modern application development.

“Snyk and AWS share a common goal: to facilitate a digital transformation for our customers through cloud native services that empower automation and developer engagement,” said Carey Stanton, VP of Business Development, Snyk. “Automation in deployment pipelines is key to adopting a comprehensive approach to security throughout the application development lifecycle. Snyk’s tight interoperability with AWS CodePipeline now makes it even simpler for developers to focus on building applications securely, taking advantage of developer-friendly outputs without having to manage a new set of tools.”

Recommended ITech News:  cnvrg.io AI Operating System Teams Up with Supermicro to Deliver End-to-End AI Experience

“AWS wants to empower our customers to focus their time and resources on innovating their business, which is why we collaborate with security leaders like Snyk to help automate manual security tasks in development,” said Ken Exner, Director, Developer Tools, AWS. “We’re delighted to be working with Snyk to allow our customers to be more agile when delivering secure applications to market.”

“As a hyper growth business, we need a security partner that can dynamically adapt to our needs and allow us to scale our security posture fast,” said Chaim Mazal, VP of Global Information Security, ActiveCampaign. “With Snyk’s developer first ethos and comprehensive Cloud Native Application Security platform, we’re continuously increasing visibility, mitigating risk, all while positioning our organization to achieve ambitious goals for developer productivity and innovation through our secure software development lifecycle.”

Recommended ITech News:  Marvell Extends PAM4 DSP Cloud Data Center Leadership with Industry’s First Integrated Solution

Related posts

Attivo Expands Active Directory Protection from Unmanaged Devices, Including Mac, Linux, IoT/OT

CIO Influence Interview with Erin Hamm, Field Chief Data Officer, Comcast Technology Solutions

Sudipto Ghosh

Bessemer Venture Partners and IBM Ventures Invest in Rohirrim, Leader in RFP AI Automation

PR Newswire