Customers

Segment

Segment adopts Snyk to gain comprehensive open source security coverage

Customer Spotlight

Leif Dreizler

Security Engineering

Industry: Tech
Location: San Francisco, USA

Products Featured

Snyk Open Source

Highlights:

Comprehensive database:Snyk’s wide security coverage enabled detecting vulnerabilities that were not picked by other platforms

Quick rollout:Launching was fast due to the Github integration, 1200 repositories were monitored within 2 days

Fix:Remediating vulnerabilities was seamless due to recommendation offered by the platform, without having the security team needing to enforce it

API integration: Using Snyk’s API to integrate to Segment’s key internal tool enabled monitoring the application security status as part of Segment’s main workflow

The Problem

Segment uses a wide variety of open source packages throughout its platform and wanted to maintain the highest security level possible. The solution used thus far, provided by Github, was not sufficient because it was not used by developers to actually fix vulnerabilities. In addition, the security coverage was lower than expected and not all languages were supported.

A stronger security coverage with Snyk

Snyk was able to meet these needs:

  1. The security coverage is more comprehensive and Snyk reported vulnerabilities that were not picked up by other evaluated solutions.

  2. It was quickly adopted by developers who enjoyed the fact that the platform offers easy to implement fixes for vulnerabilities.

  3. The platform supports a wide range of languages, including Go, which is commonly used in Segment’s infrastructure.

“We didn’t trust the security coverage (provided by other evaluated solutions) was comprehensive enough, which later comparing to Snyk was indeed clear… When the eslint-scope vulnerability came out it was easy to find which repositories were vulnerable, allowing us to upgrade or remove the dependency.”

Other vendors were reviewed as well, but they offered a less comprehensive vulnerability coverage, and did not detect some of the vulnerabilities found by Snyk. Other vendors lacked an integration with Github, which was crucial.

"Snyk integration with Github allowed us to get up running with no work. 2 days after we purchased, we already had Snyk monitoring 1,200 repositories.”

Dev-first approach

As an example of the developer security ownership that Snyk enabled, one of Segment’s developers took it upon himself, without any request from the security team, to clean up all the vulnerabilities detected by Snyk. Removing or upgrading all vulnerable dependencies took less than a day.

wordpress-sync/Dev-first-approach-1
The cleanup iterations are presented on Snyk’s UI, where each row presents the issues known at that time. All issues were quickly fixed and resolved within 19 hours.

Snyk API was used to easily integrate with key Segment internal monitoring tools

Snyk’s API was incorporated into Segment’s asset management tool, making it  easier to track the overall vulnerability status within the existing workflow of the company. Snyk maintains an API-first approach, according to which all new capabilities are introduced to the API even before they are added to the UI. Learn more here.

Snyk-API-was-used-to-easily-integrate-with-key-Segment-internal-monitoring-tools-1-1
A screenshot of Directory, Segment’s internal monitoring tool. Segment created a dedicated tab for Snyk test results and recommendations using Snyk’s API.

The Snyk team open and agile approach makes a big difference

Snyk’s team offers an open and supportive approach, listens to requests raised by the customer and is eager to support them. The team is quick to introduce new features, with fast releases that answer its customers needs. Communication channels are open and engage Snyk’s team to interact with the customer, which offers quick solutions in return.

“One of the main things that were really important for me was getting along with the vendor team. If something wasn’t provided out of the box the team was eager to help make things work. It really seems like the team is listening and incorporating feedback into the product roadmap.”

About Segment

Segment is the infrastructure for customer data. Businesses use Segment's API to unlock 200+ tools for every team across their organization. With Segment, developers can stop building tedious and expensive one-off data integrations while business users can get straight to work, turning on their favorite apps right from the Segment dashboard.

Patch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo Segment

Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer’s toolkit.

Start freeBook a live demo