Snyk Adds Agentic Development Security to its AI Security Platform: The Enforcement Layer for the AI Agents Now Building Enterprise Software
June 23, 2026
Real-time enforcement across the full agent development lifecycle — governing what agents use, what agents do, and securing the code they generate.
BOSTON, June 23, 2026 — Snyk, the AI security company, today announced Evo Agentic Development Security (ADS), extending security coverage to the AI workforce powering modern software development. Evo ADS secures how software is built in the age of autonomous AI agents — governing what agents use, what they do, and what they generate — in real time, inside the agent workflow, before risks increase.
AI coding assistants have evolved into autonomous agents — systems that invoke external tools, take actions, and generate software with minimal human oversight, connected to internal systems through MCP servers, plugins and third-party integrations. Existing security models were built to scan code and artifacts, not to govern the systems creating that code, vet the tools they use, or enforce policy on what an agent does at runtime. Data from enterprise environments confirms the shift is already underway — and publicly documented attacks have already demonstrated working exploits through the agent toolchain itself, from malicious MCP servers to prompt injection embedded in the dependencies agents consume.
Autonomous agents have outpaced the security models designed to govern them
Anonymized telemetry from nearly 9,700 developer environments reveals how far this shift has already progressed. Forty-three percent of developers run two or more AI coding environments simultaneously, and more than half have MCP servers installed. The most instrumented environments had more than 80 MCP servers running simultaneously. These connections create live access to code repositories, browsers, internal tools and production systems, with no security controls between them.
The risk inside that supply chain is very real. One in 12 developers with MCP servers has a high or critical finding. A separate analysis of early ADS enterprise design partner environments revealed the parallel threat in agent skills: nearly 1 in 4 developers has at least one skill installed, averaging 18 each, and more than 1 in 10 skills reference external dependencies or externally hosted instructions. Existing security tools scan code after it is written; they have no visibility into MCP configurations, skills, or what agents do at runtime.
Evo Agentic Development Security: enforcement built into the agent execution loop
Until now, security teams have faced a false choice: block AI coding agents entirely and sacrifice the productivity gains the business is demanding, or allow them with no visibility into what they're connecting to or what they're doing. Evo ADS introduces a third option: govern them. It introduces a continuous control layer that operates inside the agent workflow — not downstream from it — across three layers of the agentic development lifecycle:
Secure the agent supply chain: Discovers and assesses the MCP servers, skills, and external tools agents pull in — surfacing prompt injection, malicious code patterns, and supply chain risks before agents ever interact with them.
Govern agent behavior: Monitors and enforces real-time policy on what agents do while they operate — blocking destructive actions before they execute, and governing the systems agents access and the workflows they run.
Ensure trusted output: Scans and fixes AI-generated vulnerabilities at the moment of creation — enforcing security at inception rather than in post-production review.
One solution. Three layers. Continuous enforcement across every phase of agentic development. Internal AI gateways can provide routing and logging — but they cannot determine whether an MCP server is malicious, whether a skill carries hostile instructions, or whether generated code is actually exploitable. That requires an independent enforcement layer operating across real-world environments at scale.
"Ask a security leader for a complete inventory of the AI agents, MCP servers, and skills running across their developer machines — in most organizations, that inventory doesn't exist," said Manoj Nair, Chief Technology & Innovation Officer at Snyk. "That is the gap Evo ADS closes. It discovers what is actually installed, governs what agents do while they run, and validates what they produce. The question is no longer whether your team is using AI agents. It is whether you have a governance layer — and right now, for most organizations, the answer is no."
For organizations already deploying AI coding agents, the governance gap is immediate. Relay Network, whose engineering teams run GitHub Copilot, Codex, and Windsurf, and are transitioning to Claude Code as their primary development assistant, embedded Snyk directly into AI-assisted development workflows to enforce security as code is created.
"As we expanded our use of agentic development, it opened up a new attack surface," said Brendan Putek, director of DevOps, Relay Network. "We're seeing supply chain attacks, malicious skills and compromised MCP servers riding in on the agent's own toolchain, plus agents taking actions with no guardrails between intent and execution. The blast radius isn't bounded and we're early in the curve. Working with Snyk, we landed on what I think is the right architecture: controls built directly into the agent workflow that govern what an agent uses, executes, and generates."
"Agentic development security represents a fundamental shift in how developers think about code," said Oliver Neuberger, Managing Director, EMEA and UKI CMT cybersecurity practice lead, Accenture. "The potential for agents to deliver value is enormous, but their impact demands mindful development and the right guardrails — so enterprises can deploy them securely and with confidence."
Availability
Evo ADS will be generally available June 29, timed to roll out while Snyk attends the AI Engineer World's Fair, where Snyk is the exclusive sponsor of the event's first-ever security track.
The launch means the Snyk AI Security Platform now governs AI across the full software lifecycle, from agents writing code to the models running in production to the applications the agents build.
Evo AI-SPM delivers total visibility and machine-speed governance of AI assets. Evo Continuous Offensive Security (COS) simulates attacks to find exploitable vulnerabilities before adversaries do. Evo ADS secures the AI workforce itself — the agents and tools through which software is now created. Together, the three solutions form the AI Security Fabric – the independent validator that makes AI-generated code, AI agents, and AI-native applications trustworthy.
To learn more, read our blog on Evo Agentic Development Security. To see Evo ADS in action, register for our upcoming webinar, Securing AI-Driven Software Development in the Age of AI Agents, on July 16.
About Snyk
Snyk, the AI security company, empowers the AI-driven enterprise to develop and secure its future, ensuring organizations can trust AI to innovate without limits. The Snyk AI Security Platform delivers the industry's AI Security Fabric, weaving protection directly into the flow of creation to secure GenAI code, AI-native applications, and agentic systems. By delivering visibility, control, and autonomous defense secure at inception, Snyk enables over 4,800 global customers to build fearlessly in the AI era.
