January 16, 2024
Acquisition Turbocharges Snyk’s ASPM Vision and Solutions with Customers Gaining Runtime Context
BOSTON, MA – January 16, 2024 – Snyk, the leader in developer security, today announced the acquisition of Helios, an industry pioneer capturing application runtime data, to further enhance Snyk’s cloud-to-code risk visibility. The acquisition marks a milestone in Snyk’s Application Security Posture Management (ASPM) journey, accelerating the evolution of Snyk AppRisk and allowing enterprise security teams to more effectively manage their global application security programs at scale.
With the pace of software development continuing to increase, many enterprises aspire, but struggle, to have a deep understanding of their apps from cloud-to-code, in order to get a full picture of their overall risk. In direct response, Snyk will now combine Helios’ full-stack runtime data collection and insights with the power of the Snyk Developer Security Platform to provide customers with a truly comprehensive picture of their applications, spanning the entire software development lifecycle.
The current market landscape leaves mature security teams wanting as traditional AppSec vendors are unable to correlate build-time security scans with live runtime security signals, while runtime forensics vendors lack crucial developer understanding. Snyk customers can now leverage security context from all phases of development – from when code is built, to when it is compiled, to when it is deployed– facilitating true DevSecOps collaboration.
“As the pace and complexity of software development continues to rapidly increase, we’ve seen our global customers reap enormous productivity gains, but often at the cost of increased risk and critical security concerns,” said Peter McKay, CEO, Snyk. “This acquisition was executed with those valid concerns top of mind. We’re excited to welcome the Helios team and look forward to continuing to push the market forward with our ASPM vision and enhanced solution.”
With Helios' cutting-edge runtime forensic capabilities, Snyk customers will now have access to:
End-to-end application discovery: holistic visibility of an entire application environment;
Risk-based prioritization: ability to use actionable runtime insights to focus remediation efforts where they matter most to the business; and,
Full-stack runtime data collection: including multiple data collection methods to ensure a comprehensive picture of applications in runtime.
“This is an incredible opportunity for the Helios team to join Snyk and change how the industry views ASPM, and we’re thrilled that our technology will immediately be able to help more AppSec and developer teams be successful,” said Eli Cohen, Co-Founder and CEO, Helios. “We’ve long admired Snyk’s approach and proven success and we’re honored to join this innovative, collaborative culture.”
The Helios acquisition is Snyk’s latest move demonstrating the company’s vision for developer-led ASPM. Snyk acquired ASPM leader, Enso Security, in June 2023, adding notable prioritization and remediation capabilities to their existing platform. In December, the company closely followed that acquisition with the launch of its market-disrupting ASPM solution, Snyk AppRisk, a first-of-its-kind tool designed to help AppSec teams govern their security program in seamless collaboration with development and reduce risk at scale.
Strengthened Security Prioritization
Today’s modern AppSec and development teams need one field of vision of which risks are present and which should be prioritized. Deep application understanding and development context, from developer-focused tools that analyze source code, libraries and configurations, is crucial to preventing risks that appear during the early stages of application development. When combined with runtime analysis, or the evaluation of applications after deployment, both of these forms of analysis inform much sharper insight into application behaviors and risk, enabling organizations to prioritize remediation effectively as well as alleviating alert fatigue by discerning actionable threats from non-issues.
Enhanced Partner Ecosystem
With Helios’ functionality, Snyk can now additionally bring greater benefit to their strategic partners by leveraging these runtime insights for complementary value. In both the near- and long-term, Snyk looks forward to creating even more advantages and opportunities within its partner ecosystem for mutual customers looking to benefit from enhanced runtime data, visibility and analysis.
“Runtime context is critical to properly prioritizing application security issues,” said Ely Kahn, VP Product, SentinelOne. “The Snyk+SentinelOne integration identifies which container images are deployed in runtime and whether they have malware or other threats associated with them. Snyk users can leverage this information to identify which container image vulnerabilities should be prioritized for remediation.”
For more information on Snyk’s acquisition of Helios, visit here.