Snyk API & Web Released
April 22, 2025

Snyk launched Snyk API & Web, delivering a dynamic application security testing (DAST) solution designed to meet the growing demands of modern and increasingly AI-powered software development.

The successful acquisition and integration of Probely's cutting-edge DAST technology into Snyk’s application security platform is a key milestone in unifying critical AppSec testing techniques into a single Developer Security platform.

Snyk API & Web offers a robust solution for developers and AppSec teams to proactively discover, inventory and secure API vulnerabilities before they become threats.

Snyk API & Web is committed to delivering more than just basic security features. As part of our ongoing development efforts, Snyk is working towards an additional integration enabling AppSec teams to access a centralized view of Web, API, and Code assets all within a single interface. This aims to empower teams with real-time insights, bringing together static application security testing (SAST), software composition analysis (SCA), and DAST findings in one seamless dashboard.

Additionally, Snyk API & Web is planned to include enterprise-grade capabilities through a new Command-Line Interface (CLI) designed for organizations with extensive asset portfolios. This enhancement will allow users to programmatically manage scans, targets, and findings at scale, streamlining workflows and enabling automation across CI/CD pipelines.

Snyk’s commitment to innovation is further exemplified by two groundbreaking features that will expand what’s possible in the DAST market:

- AI-Driven API Testing Engine. Powered by the innovative use of GenAI in this context, Snyk's AI-powered API Security Testing engine will help Snyk modernize the way APIs are tested: to help better map the ever-growing API attack surface and automate the scanning of their vulnerabilities. The engine makes use of a combination of GenAI and traditional AI/ML models to expand Snyk's coverage of critical aspects in OWASP's Top 10 API Security Risks, particularly on issues derived from exploits on business logic, such as OWASP's #1 Risk, BOLA (Broken Object Level Authorization).

- Code-Informed Dynamic Testing. Snyk API & Web is able to correlate static and dynamic analysis for smarter, more accurate vulnerability detection. By extracting critical information directly from code, this feature automatically configures DAST tests, identifies APIs, and generates their specifications to optimize scanning accuracy and efficiency. This unified approach provides comprehensive coverage, ensuring no vulnerability goes unnoticed.

Share this

Industry News

May 15, 2025

GitLab announced the launch of GitLab 18, including AI capabilities natively integrated into the platform and major new innovations across core DevOps, and security and compliance workflows that are available now, with further enhancements planned throughout the year.

May 15, 2025

Perforce Software is partnering with Siemens Digital Industries Software to transform how smart, connected products are designed and developed.

May 15, 2025

Reply launched Silicon Shoring, a new software delivery model powered by Artificial Intelligence.

May 15, 2025

CIQ announced the tech preview launch of Rocky Linux from CIQ for AI (RLC-AI), an operating system engineered and optimized for artificial intelligence workloads.

May 14, 2025

The Linux Foundation, the nonprofit organization enabling mass innovation through open source, announced the launch of the Cybersecurity Skills Framework, a global reference guide that helps organizations identify and address critical cybersecurity competencies across a broad range of IT job families; extending beyond cybersecurity specialists.

May 14, 2025

CodeRabbit is now available on the Visual Studio Code editor.

The integration brings CodeRabbit’s AI code reviews directly into Cursor, Windsurf, and VS Code at the earliest stages of software development—inside the code editor itself—at no cost to the developers.

May 14, 2025

Chainguard announced Chainguard Libraries for Python, an index of malware-resistant Python dependencies built securely from source on SLSA L2 infrastructure.

May 14, 2025

Sysdig announced the donation of Stratoshark, the company’s open source cloud forensics tool, to the Wireshark Foundation.

May 13, 2025

Pegasystems unveiled Pega Predictable AI™ Agents that give enterprises extraordinary control and visibility as they design and deploy AI-optimized processes.

May 13, 2025

Kong announced the introduction of the Kong Event Gateway as a part of their unified API platform.

May 13, 2025

Azul and Moderne announced a technical partnership to help Java development teams identify, remove and refactor unused and dead code to improve productivity and dramatically accelerate modernization initiatives.

May 13, 2025

Parasoft has added Agentic AI capabilities to SOAtest, featuring API test planning and creation.

May 13, 2025

Zerve unveiled a multi-agent system engineered specifically for enterprise-grade data and AI development.

May 12, 2025

LambdaTest, a unified agentic AI and cloud engineering platform, has announced its partnership with MacStadium, the industry-leading private Mac cloud provider enabling enterprise macOS workloads, to accelerate its AI-native software testing by leveraging Apple Silicon.

May 12, 2025

Tricentis announced a new capability that injects Tricentis’ AI-driven testing intelligence into SAP’s integrated toolchain, part of RISE with SAP methodology.