Rapid7 and Snyk Announce Strategic Partnership to Deliver End-to-end Application Security to DevOps-driven Organizations

Joint offering combines robust application security monitoring and protection with developer-first security for finding and fixing open source vulnerabilities

San Fransisco - RSA Conference, CA — February 24, 2020

Rapid7 (NASDAQ: RPD), a leading provider of security analytics and automation, and developer-first company, Snyk, today announced a strategic partnership to deliver end-to-end application security to organizations developing cloud native applications.

Together, Snyk and Rapid7 will provide businesses with a comprehensive approach to modern application security, offering continuous integrated security from the beginning of the application development process through to continuous monitoring and protection in production.

Through this partnership, developers will be empowered to take responsibility for security by helping them find and fix vulnerabilities early in development, while giving security teams the ongoing control and visibility they need. Additionally, it will help customer organizations bridge the traditional gap between security and development, allowing them to work together to scale security, as well as understand and mitigate risk and enhance cloud security.

According to a recent Forrester report on the state of application security, web applications and software vulnerabilities are the top two ways external attacks are carried out. Additionally, recent research from Snyk found that vulnerabilities in open source libraries are growing rapidly, nearly doubling in two years.

“Cloud native applications have driven the industry to adapt and create a more integrated approach to application and infrastructure security, and we are excited to integrate Snyk’s vulnerability intelligence into our Insight cloud products,” said Cindy Stanton, vice president, vulnerability and risk management, Rapid7. “Through this partnership, Rapid7 and Snyk are helping our customers to create a workflow that brings developers closer to security and enables IT teams to fix vulnerabilities fast and early, at scale.”

With the goal of providing customers with deeper insight into modern application security, Rapid7 will begin integrating Snyk’s vulnerability database into its existing vulnerability intelligence to offer significantly more detailed and timely coverage of open source risks. As a Snyk Intel Partner, Rapid7 will add the Snyk vulnerability database to its Insight cloud solutions to enhance vulnerability visibility analysis across the Rapid7 portfolio. Ultimately, Rapid7 customers will be able to access Snyk’s developer-first approach to open source and container security and automate fixing to assist them in finding vulnerabilities early and often.

“Modern businesses today cannot invest in moving to the cloud without an end-to-end application security strategy that enables teams to continuously secure and protect their software development life cycle,” said Peter McKay, CEO, Snyk. “Rapid7 shares our vision to automate and monitor security at scale by providing security, devops and development teams with the solutions they need to achieve fast, secure application delivery.”

Snyk is exhibiting at the RSA Conference 2020 (booth #2162), February 24-28 at the Moscone Center in San Francisco, and will be co-presenting in the Rapid7 booth (North Hall booth #5565) on Tuesday, Feb 25 at 2 pm and Wednesday, Feb 26 at 1:30 pm PT. Snyk co-founder Guy Podjarny will also join Rapid7’s senior director, engineering, Boris Chen, for a fireside conversation on Tuesday, Feb. 25 at 1:30 pm PT at the Press Club SF, 20 Yerba Buena Lane. This event is open to the public and more information can be found here. Additionally you can add your name to this waitlist for updates on the Snyk and Rapid7 partnership.

About Rapid7
Rapid7 (Nasdaq: RPD) is advancing security with visibility, analytics, and automation delivered through our Insight cloud. Our solutions simplify the complex, allowing security teams to work more effectively with IT and development to reduce vulnerabilities, monitor for malicious behavior, investigate and shut down attacks, and automate routine tasks. Over 9,000 customers rely on Rapid7 technology, services, and research to improve security outcomes and securely advance their organizations. For more information, visit our website, check out our blog, or follow us on Twitter.

About Snyk
Snyk is a developer-first security company that helps organizations use open source and stay secure. Snyk is the only solution that seamlessly and proactively finds and fixes vulnerabilities and license violations in open source dependencies and container images. Snyk's solution is built on a comprehensive, proprietary vulnerability database, maintained by an expert security research team in Israel and London. With tight integration into existing developer workflows, source control (including GitHub, Bitbucket, GitLab), and CI/CD pipelines, Snyk enables efficient security workflows and reduces mean-time-to-fix. For more information or to get started with Snyk for free today, visit https://snyk.io.



1 The State Of Application Security, 2019, Forrester, February 27, 2019