Snyk to Provide Developer-First Security in Atlassian Bitbucket Cloud
28 avril 2021
New Collaboration Simplifies Security for Bitbucket Cloud Users; Snyk Named Featured Security Partner for Atlassian's Open DevOps Initiative
Atlassian Team '21, April 28, 2021 - Snyk, the leader in cloud native application security, today announced that Snyk is now integrated into Bitbucket tooling, giving Bitbucket Cloud users rich security insights without having to leave the product. In addition, and as a further sign of the two companies' continued commitment to the ongoing partnership, Atlassian has designated Snyk as the company's featured security partner for its critical Open DevOps initiative.
This newest collaboration will surface Snyk's developer-first security solution in the Bitbucket Cloud platform for the first time, empowering all Bitbucket Cloud users to now manage and mitigate their open source risk as part of the development process and throughout Bitbucket workflows. This enables the following:
Individual developers: While building their applications on Bitbucket Cloud, these users can seamlessly integrate Snyk's security insights and automated remediation to more easily find, prioritize and fix vulnerabilities in their open source dependencies and containers.
Developer team managers: Team leaders can understand exactly what risk exists within the codebases their teams contribute to daily in order to proactively resolve issues before they are escalated to security teams (with minimal interruption to their efficient, fast workflows).
Security analysts: This integration offers security practitioners greater visibility into existing vulnerabilities and license issues to better understand their cloud application risk and identify how to better prioritize fixes.
"Atlassian is deepening our existing partnership with Snyk so our millions of worldwide users can leverage the company's unparalleled, actionable security intelligence to eliminate risk before production, which is vital to developers to build software securely," said Suzie Prince, Head of Product, DevOps, Atlassian. "This new joint development is a crucial part of our overall commitment and ongoing effort to ensure security is front and center and fully embraced by all teams committed to the future of Open DevOps."
With a shared mission to provide developers with a more integrated, accessible security experience directly within Bitbucket, the new integration provides:
Repo scanning during coding, allowing developer teams to prioritize fixes during development (vs. waiting for security to flag urgent issues after shipping to production);
Automated pull requests within Bitbucket Cloud to fix vulnerabilities with security analysis for pull requests within Code Insights; and,
Security embedded into continuous integration/continuous delivery (CI/CD) workflows via Bitbucket Pipes.
"Snyk has long admired Atlassian's focus on the developer experience, which is also fundamental to our company ethos," said Geva Solomonovich, CTO, Global Alliances, Snyk. "In a world where developers need to continuously manage and connect multiple tools, making Bitbucket and Snyk now so tightly interoperable is removing a major pain point from the developer's day-to-day experience. Snyk is also honored to be the featured security partner for Atlassian's important Open DevOps initiative, working in lockstep to help more developers worldwide embrace and evangelize a security mindset."
Building on the long-standing partnership between the two companies, Snyk is also a Strategic Sponsor for Atlassian Team '21 alongside AWS and Slack. Prior to today's announcement, the Snyk and Atlassian partnership included integrations with Bitbucket Cloud, Bitbucket Pipelines and Jira.
This newest integration will be available in the coming weeks. To sign up for ongoing updates, including when developer teams can use Snyk within Bitbucket Cloud, click here.
About Snyk
Snyk, the cloud native application security leader, today enables 2.2 million developers to build securely, with a vision to empower every modern developer in the world to develop fast and stay secure. Only Snyk provides a platform to secure all of the critical components of today's cloud native application development including the code, open source libraries, container infrastructure and infrastructure as code. Snyk's developer-first approach enables technology-driven companies to scale security in today's fast-paced digitally transforming world. Snyk's security platform is powered by its industry-leading proprietary vulnerability database, maintained by the expert Snyk security research team, that also powers security solutions from strategic partners such as Atlassian, Datadog, Docker, IBM Cloud, Rapid7, Red Hat and Trend Micro. The company works with global customers of all sizes to empower developers to automatically integrate security throughout their existing workflows.Named to the 2020 Forbes Cloud 100, the definitive ranking of the top 100 private cloud companies in the world, Snyk was also recently recognized by Comparably as the #3 small-to-medium businesses for Happiest Employees in 2020.