Skip to main content

Nightfall AI and Snyk unite to deliver AI-powered secrets scanning for developers

Escrito por:
blog-feature-ai-lilac

29 de novembro de 2023

0 minutos de leitura

Snyk provides a comprehensive approach to developer security by securing critical components of the software supply chain, application security posture management (ASPM), AI-generated code, and more. We recognize the increasing risk of exposed secrets in the cloud, so we’ve tapped Nightfall AI to provide a critical feature for developer security: advanced secrets scanning. 

Introducing our partner, Nightfall AI

Nightfall AI is the first AI-native data protection platform that automatically protects PII, PHI, PCI, API keys, and other sensitive data to help organizations achieve compliance with the leading industry frameworks. Using AI, Nightfall automatically detects over 100 sensitive data types, including secrets and credentials, to help companies proactively mitigate risk and achieve compliance.

“Nightfall AI’s partnership with Snyk provides a comprehensive solution for some of the most pervasive threats that developers and SecOps teams face in the cloud — including, most notably, leaked secrets and credentials. We are thrilled to deliver joint secret scanning and code scanning capabilities to help developers stay secure as they innovate.”

- Isaac Madan, Co-Founder and CEO of Nightfall

Why Snyk & Nightfall AI?

Nightfall’s AI-powered secrets scanning technology amplifies Snyk’s offerings by helping developers to detect and remediate secrets across the apps that they use at every stage of the code-to-cloud lifecycle, including: 

  • Comprehensive visibility into cloud environments: Nightfall AI can detect sensitive data, including secrets, credentials, and images, and provides the options to use pre-built, high-accuracy detectors or create custom detection rules for specific use cases.

  • AI-powered detection: Gain context surrounding each potential violation to accurately identify secrets — and cut down on false positive alerts.

  • Developer-centric remediation: Developers’ workflows aren’t impacted by active API keys being automatically redacted or removed without their knowledge.

Pairing secret scanning and code scanning capabilities helps developers stay secure as they innovate. Myke Lyons, CISO at Snyk, Isaac Madan, CEO and Co-Founder of Nightfall AI, and Jason Trip, Director of Solutions Engineering at Nightfall AI participated in a roundtable discussion on how AI is impacting security today and what developers can do to keep secrets and credentials secure.

“If you’re using tools like ChatGPT, which are trained on public data, be sure to monitor for vulnerabilities in code. You can do this by performing code reviews, running automated security tests against changes, and validating that you don’t regress your security posture. At Snyk, we offer a couple of tools that come in handy for scanning for vulnerabilities in AI-generated code, including our DeepCode AI tool."

- Myke Lyons, CISO at Snyk

Check out the full discussion for more AI best practices and tips — including mitigating some of the most prevalent risks associated with using AI tools.

Learn more about Snyk & Nightfall AI

Snyk customers can leverage Nightfall to detect sensitive content, including unknown unknowns, more accurately. If you’d like to learn more about combining the power of Snyk with Nightfall AI’s capabilities to stop the spread of secrets, reach out to your representative now for more information at sales@snyk.io or schedule a demo today.

blog-feature-ai-lilac

Best practices for AI in the SDLC

Download this cheat sheet today to learn best practices for how to leverage AI in your SDLC, securely.