Snyk API & Web Released
April 22, 2025

Snyk launched Snyk API & Web, delivering a dynamic application security testing (DAST) solution designed to meet the growing demands of modern and increasingly AI-powered software development.

The successful acquisition and integration of Probely's cutting-edge DAST technology into Snyk’s application security platform is a key milestone in unifying critical AppSec testing techniques into a single Developer Security platform.

Snyk API & Web offers a robust solution for developers and AppSec teams to proactively discover, inventory and secure API vulnerabilities before they become threats.

Snyk API & Web is committed to delivering more than just basic security features. As part of our ongoing development efforts, Snyk is working towards an additional integration enabling AppSec teams to access a centralized view of Web, API, and Code assets all within a single interface. This aims to empower teams with real-time insights, bringing together static application security testing (SAST), software composition analysis (SCA), and DAST findings in one seamless dashboard.

Additionally, Snyk API & Web is planned to include enterprise-grade capabilities through a new Command-Line Interface (CLI) designed for organizations with extensive asset portfolios. This enhancement will allow users to programmatically manage scans, targets, and findings at scale, streamlining workflows and enabling automation across CI/CD pipelines.

Snyk’s commitment to innovation is further exemplified by two groundbreaking features that will expand what’s possible in the DAST market:

- AI-Driven API Testing Engine. Powered by the innovative use of GenAI in this context, Snyk's AI-powered API Security Testing engine will help Snyk modernize the way APIs are tested: to help better map the ever-growing API attack surface and automate the scanning of their vulnerabilities. The engine makes use of a combination of GenAI and traditional AI/ML models to expand Snyk's coverage of critical aspects in OWASP's Top 10 API Security Risks, particularly on issues derived from exploits on business logic, such as OWASP's #1 Risk, BOLA (Broken Object Level Authorization).

- Code-Informed Dynamic Testing. Snyk API & Web is able to correlate static and dynamic analysis for smarter, more accurate vulnerability detection. By extracting critical information directly from code, this feature automatically configures DAST tests, identifies APIs, and generates their specifications to optimize scanning accuracy and efficiency. This unified approach provides comprehensive coverage, ensuring no vulnerability goes unnoticed.

Share this

Industry News

May 08, 2025

AWS announced the preview of the Amazon Q Developer integration in GitHub.

May 08, 2025

The OpenSearch Software Foundation, the vendor-neutral home for the OpenSearch Project, announced the general availability of OpenSearch 3.0.

May 08, 2025

Jozu raised $4 million in seed funding.

May 07, 2025

Wix.com announced the launch of the Wix Model Context Protocol (MCP) Server.

May 07, 2025

Pulumi announced Pulumi IDP, a new internal developer platform that accelerates cloud infrastructure delivery for organizations at any scale.

May 07, 2025

Qt Group announced plans for significant expansion of the Qt platform and ecosystem.

May 07, 2025

Testsigma introduced autonomous testing capabilities to its automation suite — powered by AI coworkers that collaborate with QA teams to simplify testing, speed up releases, and elevate software quality.

May 06, 2025

Google is rolling out an updated Gemini 2.5 Pro model with significantly enhanced coding capabilities.

May 06, 2025

BrowserStack announced the acquisition of Requestly, the open-source HTTP interception and API mocking tool that eliminates critical bottlenecks in modern web development.

May 06, 2025

Jitterbit announced the evolution of its unified AI-infused low-code Harmony platform to deliver accountable, layered AI technology — including enterprise-ready AI agents — across its entire product portfolio.

May 05, 2025

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, and Synadia announced that the NATS project will continue to thrive in the cloud native open source ecosystem of the CNCF with Synadia’s continued support and involvement.

May 05, 2025

RapDev announced the launch of Arlo, an AI Agent for ServiceNow designed to transform how enterprises manage operational workflows, risk, and service delivery.

May 01, 2025

Check Point® Software Technologies Ltd.(link is external) announced that its Quantum Firewall Software R82 — the latest version of Check Point’s core network security software delivering advanced threat prevention and scalable policy management — has received Common Criteria EAL4+ certification, further reinforcing its position as a trusted security foundation for critical infrastructure, government, and defense organizations worldwide.

May 01, 2025

Postman announced full support for the Model Context Protocol (MCP), helping users build better AI Agents, faster.

May 01, 2025

Opsera announced new Advanced Security Dashboard capabilities available as an extension of Opsera's Unified Insights for GitHub Copilot.