Announcing Agentic Development Security (ADS)
June 23, 2026
Today, we're announcing Agentic Development Security (ADS), a new Evo solution designed for securing AI-driven software development.
AI agents are now active participants in the software development process, selecting tools, executing actions across systems, and generating production-ready code at machine speed. Traditional application security wasn't built for this model: risk enters continuously through the tools agents depend on, the actions they take, and the code they produce, often before a single line is committed or reviewed.
Evo ADS addresses this directly by embedding security into AI-driven development workflows to give organizations visibility, governance, and control over what agents use, what they do, and what they generate.
The shift is already happening
AI agents have evolved beyond just assisting developers and are now actively building software. They pull in tools and data, execute actions across systems, and generate production-ready code. At the same time, AI tools are enabling a broader set of users beyond traditional engineering teams to create and modify applications.
The data confirms this. According to Snyk's own scan data from nearly 10,000 developer environments, 80% of developers are already running two or more AI coding environments, and 50.8% have live MCP server connections linking those agents to production tools and external systems.
The result is software increasingly produced through dynamic, multi-step workflows, often in ways that are difficult to observe and even harder to control. That gap is where traditional security breaks down. As AI takes on more of the creation process, the question becomes unavoidable: can you trust what your agents are shipping?
The problem: traditional security is still only focused on code
Traditional application security was built for a model of development where developers wrote code manually, changes moved through controlled pipelines, and security scanned artifacts after they were created.
That model no longer holds with agent-driven development. Risk enters continuously through external tools, MCP servers, and integrations with limited visibility; through agents executing commands across systems with varying levels of autonomy; and through AI-generated code produced at a pace that renders after-the-fact scanning insufficient.
We’re already seeing what happens when this model operates without the right controls. In a recent incident, an AI agent deleted an entire production database, along with its backups, in under ten seconds. The agent was trying to fix a routine issue, but with access to the wrong credentials and no guardrails on its behavior, it took a destructive action against the wrong environment. There was no human approval, nor was there a system in place that stopped it.
This is the reality of agentic development: agents don’t just suggest; they act. When those actions aren’t governed, the blast radius is significant, and the impact is immediate. The pace of AI-driven development is outpacing our ability to secure it.
The solution: A security model closer to where decisions are made
Securing this new reality requires security to move closer to where those decisions are made, shifting from securing code to securing the system that produces it. Because risk is introduced across the full agentic development lifecycle, security must be embedded directly where agents and developers build software.
This requires a model that can evaluate agent behavior before actions are executed, enforce policy in real time, and continuously assess the security of AI-generated outputs before they reach production. It also means giving organizations a clearer view of the inputs agents use, their actions, and whether the code they produce can be trusted.
This is the shift that Evo Agentic Development Security (ADS) is designed to support: from securing code to securing the system that produces it. By governing what agents use, what they do, and what they generate, organizations can adopt AI-driven development without losing momentum.
How Evo Agentic Development Security works
Rather than operating after the fact, Evo ADS extends security directly into AI-driven development workflows by:
- Securing the agent supply chain
- Governing agent behavior
- Ensuring trusted generated code at inception
This allows security to become an active control layer operating in real time – observing, evaluating, and intervening only when necessary. The result is a new operating model in which developers and AI agents can operate at full speed, with security continuously validating activity in the background.
Securing the agent supply chain
AI agents rely on a rapidly expanding ecosystem of MCP servers, tools, skills, and external services. Unlike traditional software dependencies, many of these components are introduced dynamically during execution, creating a new supply chain that often operates outside existing security controls.
The scale is larger than most organizations realize. Snyk scan data uncovered 4,524 unique MCP servers across nearly 10,000 developer environments, and the top 1% of installations run 13 or more MCP servers per machine. More than half of developers already have live connections to production tools. Of those, 1 in 12 has a confirmed high or critical security finding today.
Evo ADS continuously discovers and inventories the components being used across AI-driven development workflows, providing organizations with visibility into the risk they are introducing. It evaluates each component using security signals such as permissions, provenance, known vulnerabilities, risk indicators, and organizational policy requirements, enabling teams to understand not just what is being used, but whether it should be trusted.

While traditional development relies on periodic reviews or manual approvals, Evo ADS continuously evaluates discovered components against organizational policy. Security teams can identify where unapproved, restricted, or high-risk components are being used and create policies that surface findings with the right severity and detail remediation steps, so teams know exactly what to act on.

The result is a trusted foundation for AI-driven development where security teams gain visibility into an evolving agent ecosystem, developers retain the flexibility to move quickly, and organizations can confidently scale AI adoption without losing control of what enters their development environment.
Governing agent behavior
The biggest shift with agentic development is that agents take action. They execute commands, access files, interact with APIs, retrieve data, invoke tools, and make decisions across development environments with increasing levels of autonomy. Evo ADS operates directly inside the agent execution loop, providing insight into what agents are doing and why.

By combining awareness of session context, user intent, requested actions, and organizational policy, Evo ADS evaluates agent behavior before actions are executed. Security teams can thus establish guardrails that allow agents to operate safely within defined boundaries, rather than relying on alerts after the fact. With Evo ADS, governance can be applied directly at the point of execution, blocking high-risk actions, restricting permissions, and intercepting policy violations before they impact systems, data, or infrastructure.

Organizations gain continuous oversight of agent activity, developers maintain the speed and productivity benefits of AI, and security moves from detecting problems after they occur to preventing them before they happen.
Evo ADS behavior governance capabilities are currently available in Open Preview.
Ensuring trusted generated code at inception
Since AI enables code to be generated continuously, security and trust must be established at the moment of creation.
Evo ADS helps ensure that AI-generated code is secure from the start by integrating directly into AI coding workflows. Rather than waiting for code to reach a repository or CI pipeline, security checks are applied as code is generated, helping identify vulnerabilities, insecure dependencies, infrastructure misconfigurations, and secrets before they spread downstream.
Building on Snyk's long-standing secure-at-inception approach, Evo ADS extends these capabilities to AI-driven development workflows with deterministic security checks, asynchronous validation, and optimized context management, specifically designed for AI coding environments.
To minimize disruption to developers and AI agents, these checks operate asynchronously through lightweight hooks embedded directly into development workflows. When no new issues are introduced, nothing is added back into the agent's context window, allowing development to continue uninterrupted. When issues are detected, only actionable findings related to newly generated code are surfaced, helping agents focus on remediation without being overwhelmed by noise or historical findings.

This approach reduces friction for developers and makes secure-at-inception workflows significantly more efficient in terms of token consumption. Instead of repeatedly injecting full scan results into the AI context window, ADS provides only the minimum signal required to drive remediation. Clean scans incur no additional AI context overhead, while remediation guidance is surfaced only when action is required.
The result is a security model that scales with AI-driven development: secure code is generated by default, developers and agents receive focused guidance when needed, and organizations avoid the cost and inefficiency of validating large volumes of AI-generated code after the fact.
Part of a larger system: Evo by Snyk
Agentic Development Security (ADS) is part of Evo by Snyk, Snyk's platform for securing the AI software lifecycle. Within Evo, ADS focuses on securing how software is built in the age of AI agents.
Evo ADS includes capabilities for securing the agent supply chain, governing agent behavior, and ensuring trusted output. Together, these capabilities help organizations safely adopt AI-driven development without slowing innovation.
Beyond agentic development environments, Evo extends security across the full AI software lifecycle. Evo AI-SPM provides visibility and governance for the AI models, agents, workflows, and applications deployed across your organization, while Continuous Offensive Security continuously validates deployed systems through AI-powered pentesting and agent red teaming.
Together, Evo ADS, AI-SPM, and Continuous Offensive Security help organizations secure the code AI writes, the agents it runs, and the applications it builds — enabling the safe adoption of AI across the software lifecycle.
Why this matters now
AI-driven development is no longer experimental. Across organizations of every size, AI agents are becoming active participants in the software creation process — selecting tools, executing actions across systems, and generating production-ready code at a scale that traditional development models were never designed to support.
This changes the role of security. For years, application security focused on scanning artifacts after they were created, gradually shifting earlier in the development lifecycle to reduce risk. But in an agentic world, many of the most important security decisions are made before code is even written. Risk arises from the tools agents use, the actions they take, and the code they generate. Organizations need more than visibility into code. They need confidence across the systems that build it.
Evo ADS is designed for this new reality. By securing what agents use, what they do, and what they generate, Evo ADS helps organizations safely scale an expanding AI workforce without sacrificing speed, innovation, or trust. As software development becomes increasingly autonomous, securing how software is built will become just as important as securing the software itself.
Get started
AI-driven development is already reshaping how software is built, and the organizations that succeed will be the ones that can adopt it safely – without slowing down. With Evo Agentic Development Security, organizations can move at AI speed while maintaining visibility, governance, and control over how software is built.
See how Evo ADS works in practice by scheduling a demo or joining our upcoming webinar to learn how leading teams are securing AI-driven development workflows today.
