Snyk Unveils Latest Enhancements for Securing the Software Supply Chain

Snyk, a leader in developer security, is releasing SnykLaunch April 2023, a series of strategic enhancements to the company’s Developer Security Platform to enable global enterprises to create a secure software supply chain, while advancing greater DevSecOps collaboration and enhancing developer productivity.

“In every 2023 discussion I’ve had with security leaders, supply chain security is voiced as the persistent weak link in their enterprise security strategy,” said Peter McKay, CEO, Snyk. “The maturity of Snyk’s platform allows developer, operations and security teams to better understand and meaningfully reduce risk, while also achieving significant developer productivity gains and overall security spend consolidation.”

Now available as part of the SnykLaunch April 2023 line up:

  • Developer-First Application Security for C/C++: Snyk now brings the developer-led security experience to the realm of securing C/C++ apps, applying its semantic, AI-based analysis engine to this language now again increasing in popularity.
  • More Effectively Securing the Cloud by Driving Contextual Fixes in Infrastructure as Code (IaC) Pipelines: Snyk is taking the complexity out of connecting cloud security issues back to their IaC source, significantly simplifying fixes for platform teams.
  • Layering Automated Security in Container Supply Chain: Snyk Container now provides vulnerability fix guidance to match the complex, layered container build chains used by mature teams.
  • Increased DevSecOps Collaboration: New integrations with ServiceNow as well as Atlassian, AWS and Dynatrace bring greater software supply chain security visibility to enterprise security and operations teams.

“These latest enhancements are indicative of Snyk’s commitment to an unified security approach that is best suited to accelerate secure innovation,” said Manoj Nair, chief product officer, Snyk. “We’re proud to have purposefully combined a series of otherwise siloed solutions into one platform that best equips and empowers global developers to successfully secure everything they build, while also giving security teams the visibility they need to drive a culture focused on effective remediation.”

New Snyk Learn lessons specifically designed for C/C++ developers build security education right into the process. These new releases give desktop, server and web app developers the actionable security coverage they need for C/C++ (and all of the other popular languages they use), while ensuring security teams have complete visibility of vulnerabilities and compliance across all of their development projects.

For cloud and platform engineers, Snyk’s new IaC and cloud feature automatically links running cloud resources to the IaC source template. This new capability makes it simple for security teams to identify the source of the issue and notify the right cloud team members and, in turn, makes it easy for engineers to see where and how to resolve the problem in their IaC, according to the company.

Snyk Container now extends its ability to provide fixes that are relevant to the unique nature of how containers are built by adding support for the internally curated “golden images,” many companies provide for their developers. The DevOps and platform teams creating these internal base images now benefit from full visibility into issues and fixes.

At the same time, development teams are automatically guided to use the most current internal images with the noise of container vulnerabilities eliminated. This ensures developers always start from the most secure containers, supporting open standards as well as company-defined software bill of materials under one consolidated umbrella.

Snyk now seamlessly integrates into ServiceNow’s Vulnerability Response solution as well as AWS CloudTrail Lake to bring software supply chain visibility to enterprise security teams.

Upcoming integrations with Atlassian Jira and Dynatrace will further deepen application security integration for developers and operations teams respectively, according to the vendor.

For more information about this news, visit