Skip to main content

The inevitability of Developer Security

Written by:
wordpress-sync/blog-hero-snyk-developer-security

September 9, 2021

0 mins read

It’s exciting to share the news of our new funding round. It let us bring onboard some amazing investors and funds for further growth, along with setting the company valuation at $8.5B — a pretty big number. When you look at this valuation, and consider these smart investors expect it to grow substantially, you may wonder — how can this market be big enough to support these numbers? I would say the real question is — how can it not be?

Take a moment to think about the big trends that surround application development.

First, all businesses are becoming digital-first. From retail and finance to manufacturing and real estate, the long-term driver for success in practically every industry is technology. Software is eating the world, and the market value of tools that help create software is growing with it.

Second, applications are moving to the cloud. Cloud gives companies infinite capacity at a whim, and incredible advantages in agility, scale and costs. Companies that don’t leverage the cloud move too slow to remain competitive, or are limited to small niche markets.

Cloud turns hardware into software, and disrupts the IT market in the process. Hardware-oriented IT solutions need to be replaced with tools that manage and secure infrastructure as code. In the market, IT Security solutions need to be replaced by Application Security solutions, who secure the code creating the infrastructure.

Third, the need for security is only going to grow. As our lives and businesses get increasingly digital, our dependence on securing them becomes critical. Attackers are becoming more sophisticated and repeatedly succeed in getting through, driving customers and legislators alike to seek ways to force companies to properly protect their data. Like it or not, cybersecurity is a need and market that will only grow.

Unfortunately, security can’t be solved by simply pouring money into it. Every year, security budgets increase, and yet the number of breaches only grows. The security talent shortage is getting more severe, and the complexity is increasing alongside it. To successfully secure this digital, cloud native world, we need a different approach.

Which gets us to the last and most important point — developers.

Digital transformation hinges on independent developers working continuously and rapidly. Businesses live or die depending on how well — and how quickly — their dev teams are able to build new functionality, get it to customers, and adapt to what they learn. Cloud removes barriers, giving developers more control over the underlying infrastructure, and accelerating the deployment of new updates.

Developers are also the only way we can scale security. From writing safe code to updating a vulnerable open source library to configuring infrastructure correctly, developers are the ones making the decisions that decide how secure the app is. If we equip them with the right tools, and give them the mandate and process to use them, they can build security in and stay ahead of the attackers. If we don’t — we’re never going to keep up.

And so, I would repeat the question — how can developer security be anything but an enormous market? How can we afford, as an industry and a society, to not invest in developer security and do all we can to accelerate its adoption?

At Snyk, we are committed to doing precisely that — get developers to embrace security, and build it into the fabric of software development. As I see it, it’s the only way security can keep up with the pace of modern development, and a fundamental requirement for securing our digital lives.

 Learn more about the future of developer security at SnykCon 2021.

wordpress-sync/blog-hero-snyk-developer-security

CISOs Guide to Cultivating Developer Security

Want your development teams to start adopting secure development practices? Download our guide to discover actionable playbooks on improving developer adoption of security tools and how CISOs are implementing these today.