Snyk sprinkles DevOps dust on Trend Micro security platform

By Team Devclass
-
Snyk sprinkles DevOps dust on Trend Micro security platform

Snyk has slipped into the mainstream security space with a strategic partnership with threat defense vendor Trend Micro.

The tie-up will initially see Snyk’s vulnerability detection tech integrated into Trend’s cloud protection suite.

Kevin Simzer, chief operating officer at Trend Micro said the move was partly a reaction to the way DevOps and Continuous Delivery had changed the development process, with speed being “everything”, open source components being widely used, and developers increasingly in the driving seat.

This can leave traditional security teams – and their tool kits – out of the loop, with an ever-widening gap opening up between them and the dev(ops) team.

On a practical level, the “partnership” means that when a vulnerability is detected, Trend will draw down a “shield” of its traditional protection productions to protect the production environment, while Snyk will alert developers to fix the source code.

Trend users will not be paying extra for Snyk’s scanning service, which will be packaged into the security veterans platform. “Not that there isn’t tremendous value to it,” said Simzer. “It’s something we see as table stakes, and we need it integrated into the platform.”

Simzer said the company could’ve pointed its own engineers at this space, but chose not to. He added, “in the cloud it’s a massive ecosystem you need to plug into…customers I can envision down the road are going to do API level integration into Snyk and ourselves and we’ll be be embedded into the platform.”

Snyk has struck partnerships with a range of companies, including Microsoft. Under that deal, Snyk’s service offers vulnerability scanning through the Azure software development workflow. It has a similar integration with Alassian, covering the Aussie firm’s BigBucket and Pipelines products.

Snyk COO Geva Solomonovich said the firm had struck many partnerships and integrations, but they were “not strategic like this”.

Which begs the question, what does Snyk gain? Asked if Snyk would receive a portion of revenue from Trend, Solomonivch said the “exact financial terms are undisclosed” but added that there would be additional go to market activities under the partnership.

AWS combines "building block" blueprints with CodeCatalyst for rapid project creation including DevO...
Cloudflare updates Workers platform with Python support, event notifications, and improved local dev...
Atlassian takes another step toward full DevOps automation
Podman 5.0 released with native Mac hypervisor support, new features and breaking changes
GitHub autofix progresses to public beta: insecure code corrected with AI, but only for enterprise
Secret leakage in public GitHub repositories increasing, claims new report
Test launch of TEA open source reward project clouded by repository spam attack 
From Docker to Dagger: Solomon Hykes on modernisation of the DevOps pipeline
Enterprises struggle with Agile methodology, reports long-standing survey of practitioners
Spotlight on GitHub self-hosted runners again as researcher demonstrates attack on PyTorch code
PyPy moves from Mercurial, says 'open source has become synonymous with GitHub'
Where next for Jamstack? Netlify survey avoids the word, highlights rise of Astro