Snyk Vulnerability Intelligence to Integrate into IBM Cloud DevOps Capabilities
October 21, 2020

Snyk Intel vulnerability database will be integrated into IBM Cloud security capabilities to enhance security for enterprise workloads.

IBM is working to integrate Snyk's comprehensive security coverage into its public cloud security capabilities to help developers automatically find, prioritize and fix vulnerabilities in open source dependencies and containers throughout their entire workflow.

Snyk Intel Vulnerability DB is continuously curated by an experienced Snyk Security Research Team to enable teams to be optimally efficient at containing open source security issues, while maintaining their focus on development.

Access to Snyk vulnerability data analysis will be designed to allow IBM Cloud users to easily and quickly identify open source and container vulnerabilities before runtime, and paves the way to automation, remediation and ongoing monitoring.

"Cloud-native development has huge advantages for organizations in terms of efficiency and time to market, but it can be challenging to securely build, deploy and manage applications. The key is to provide automated tools that help teams detect vulnerabilities, analyze security configurations and manage changes at the very outset of development -- rather than discovering security issues at runtime," said Phil Buckellew, GM, IBM Cloud PaaS. "By bringing Snyk's vulnerability insights into our IBM Cloud DevOps capabilities, software engineers can now integrate security at every stage of the development lifecycle, and continue to innovate with speed on the IBM Cloud."

Peter McKay, CEO, Snyk, said: "It's an honor to strengthen our existing Red Hat relationship by becoming a key IBM Cloud security collaborator. Together we will facilitate more enterprises in embracing and benefitting from the developer-first mindset and approach."

The Snyk Intel vulnerability database also integrates into Red Hat CodeReady Dependency Analytics, a hosted service on Red Hat OpenShift that provides vulnerability and compliance analysis for applications, directly from the IDE. The integration enables Red Hat CodeReady Dependency Analytics users to find vulnerabilities as they code. Red Hat OpenShift also incorporates Snyk's developer-first security platform to detect threats and scan workloads running on Red Hat OpenShift clusters.

In addition to IBM Cloud, global leaders including Docker, the Linux Foundation, Rapid7, and Trend Micro, all use the Snyk Intel vulnerability database as their behind-the-scenes security solution to power high-quality, compliant and agile software development.

The integration of Snyk Intel into IBM Cloud DevOps is expected this quarter.

Share this

Industry News

July 26, 2021

Parallel Agile announced a new version of CodeBot, a low-code MERN stack application generator.

July 26, 2021

Appian unveiled its new Appian Japan regional office.

July 26, 2021

CloudTruth raised $5.25 million in seed funding led by Glasswing Ventures and Gutbrain Ventures, with additional funding from Stage 1 Ventures and York IE.

July 22, 2021

Postman successfully obtained the System and Organization Controls (SOC) 2 Type 2 and SOC 3 Type 2 reports for the Postman API platform, meeting critical industry standards relative to the Trust Services Criteria for security, availability, and confidentiality.

July 21, 2021

Scrum.org announced its new Professional Agile Leadership – Evidence-Based Management (PAL-EBM) training course.

July 21, 2021

BMC announced several new innovations and integrations within the BMC Automated Mainframe Intelligence (BMC AMI) and BMC Compuware portfolios designed to improve threat detection and response and expand access to mainstream DevOps tools to modernize mainframe applications and increase developer productivity.

July 21, 2021

CognitiveScale announced the release of Cortex Fabric Version 6—a new, low code developer platform for automation, augmentation and transformation of knowledge work and digital experiences.

July 20, 2021

JFrog announced the closing of the previously reported acquisition of product security company Vdoo.

July 20, 2021

Wind River has introduced its latest release of Wind River Studio.

July 20, 2021

Sysdig announced intent to acquire Apolicy.

July 19, 2021

Red Hat announced Red Hat Advanced Cluster Management for Kubernetes 2.3, the latest version of the company’s enterprise-grade Kubernetes management offering.

July 15, 2021

Platform9 announced the launch of Platform9 Managed KubeVirt.

July 15, 2021

ShiftLeft announced general availability of ShiftLeft Educate, a solution that delivers highly-effective security training for developers within the developer workflow.

July 15, 2021

Appfire announced the acquisition of Spartez Software.

July 14, 2021

Contrast Security announced its integration with Secure Code Warrior to deliver security contextual micro-learning modules to enhance developers' skills to easily fix vulnerabilities without the need of a security team.