Snyk has slipped into the mainstream security space with a strategic partnership with threat defense vendor Trend Micro.
The tie-up will initially see Snyk’s vulnerability detection tech integrated into Trend’s cloud protection suite.
Kevin Simzer, chief operating officer at Trend Micro said the move was partly a reaction to the way DevOps and Continuous Delivery had changed the development process, with speed being “everything”, open source components being widely used, and developers increasingly in the driving seat.
This can leave traditional security teams – and their tool kits – out of the loop, with an ever-widening gap opening up between them and the dev(ops) team.
On a practical level, the “partnership” means that when a vulnerability is detected, Trend will draw down a “shield” of its traditional protection productions to protect the production environment, while Snyk will alert developers to fix the source code.
Trend users will not be paying extra for Snyk’s scanning service, which will be packaged into the security veterans platform. “Not that there isn’t tremendous value to it,” said Simzer. “It’s something we see as table stakes, and we need it integrated into the platform.”
Simzer said the company could’ve pointed its own engineers at this space, but chose not to. He added, “in the cloud it’s a massive ecosystem you need to plug into…customers I can envision down the road are going to do API level integration into Snyk and ourselves and we’ll be be embedded into the platform.”
Snyk has struck partnerships with a range of companies, including Microsoft. Under that deal, Snyk’s service offers vulnerability scanning through the Azure software development workflow. It has a similar integration with Alassian, covering the Aussie firm’s BigBucket and Pipelines products.
Snyk COO Geva Solomonovich said the firm had struck many partnerships and integrations, but they were “not strategic like this”.
Which begs the question, what does Snyk gain? Asked if Snyk would receive a portion of revenue from Trend, Solomonivch said the “exact financial terms are undisclosed” but added that there would be additional go to market activities under the partnership.