Out of Beta, plus exciting new features
It’s been nearly 8 months since we first launched Snyk at the Velocity Amsterdam conference. Since then, we’ve registered over 343,000 security tests, and 76% of users found vulnerabilities in their apps. Snyk patches were applied 71,000 times, closing security gaps that couldn’t be upgraded away, and over 4,500 email alerts were triggered by newly disclosed vulnerabilities.
Snyk’s product has matured and grown to match this activity and our users’ needs, and we are now ready to take off the beta tag! Alongside graduating out of Beta, I’m excited to announce Snyk’s premium plans, which let users choose the support and features that are right for them.
We’re also adding two long-awaited features to Snyk: tight GitHub integration and Organisation support. Each of these powerful new features will get its own blog post soon, but here’s a quick sneak peek at each.
New Feature: GitHub Integration
As of today, you can test all your npm GitHub repositories with a single click. You can also integrate this testing straight into your GitHub repository, catching new vulnerable modules as a Pull Request test, before they enter the stream.
Once you integrate a vulnerable repo, Snyk can auto-generate a Pull Request to fix the issues with a single click, making remediation trivial. Snyk will monitor your dependencies as they evolve, and if a new vulnerability disclosure affects them, we will send you both an email and a similar fix Pull Request, helping you secure your app in no time.
If you’re not using GitHub, note that Snyk’s powerful CLI lets you secure your app wherever it’s hosted. Go on, test your repositories and secure your app!
New Feature: Organisations
Developing applications is a team sport, and so is securing them. To let the entire team work together, we’re also launching Snyk Organisations. Every Snyk user, old and new, has an organisation automatically created, and can invite others to see and act on vulnerabilities, as well as get notified about relevant new disclosures.
You can create any number of organisations and invite as many users as you’d like to each. Organisations start on the free plan, but higher tier plans let you separate Administrators from Collaborators, with more controls to come.
Free for Open Source
Snyk is committed to making Open Source secure, and so will always be free for Open Source projects. You can monitor an unlimited number of public GitHub repositories, finding, fixing and preventing security flaws.
If you’re not using GitHub for your open source project, or if your open source project requires some of the premium plan features, let us know and we’ll make it happen.
While we’re launching premium plans today, note Snyk’s testing capabilities remain free. You can use Snyk’s CLI to test your applications for free, and our patches remain open source and free.
Our premium plans focus on productivity and response time. They offer the most efficient way to fix security issues, prevent new ones and respond to new vulnerability alerts. Plans scale based on the number of private repositories, as well as features and support suitable to increasingly larger teams.
The first private project is free, letting you get a true feel for Snyk without paying. Other plans start as low as $19/month, and scale up to Enterprise pricing. You can find the full details on our pricing page. Snyk Enterprise support for a self-hosted version is just around the corner as well. If you need Snyk in your network, send us an email and we’ll add you to the waiting list.
This is a very exciting day for us at Snyk. We’re grateful to the many users who helped us build the product in its early days, shaping it to fit their needs. For all you existing users, THANK YOU for all the feedback so far, and do keep it coming!
And for new and old users alike, go and use these new features to stay Secure!