LONDON and TEL AVIV, Israel, May 1, 2019 /PRNewswire/ -- Snyk announces it will protect and secure the development of applications and containers using open source and running on Microsoft Azure. Snyk is announcing its native integrations with Azure providing security throughout the software development life cycle (SDLC), enabling customers to secure their payloads and adopt open source and cloud more quickly and safely. Through this integration, Snyk simplifies and secures cloud migration for Azure customers, empowering developers to prevent vulnerabilities from being deployed and quickly closing new threat exposure by automating remediation.
Cloud migration continues to explode in 2019, and old security practices and tools undermine the benefits of collaboration and speed that Azure provides. As cloud developers accelerate software delivery, it is critical they have security streamlined into their existing workflows and processes to prevent it from slowing them down. With the growing usage of open source across modern software development, there is rapidly increasing risk of vulnerabilities within open source libraries that must be addressed earlier in the SDLC. Snyk enables the complete team of developers, devops and security to collaborate to secure their applications and containers while running quickly and deploying continuously.
"Cloud migration is a challenging endeavor, and you need tools that help you to empower developers to implement it securely," says Guy Podjarny, CEO, Snyk. "Azure offers a broad and powerful platform for dev teams, and we are excited to partner with Microsoft to help developers implement security early, with an approach that is tightly integrated into their existing Azure workflows. By enabling developers to take ownership of securing their applications, Azure customers can truly achieve security at scale."
Snyk's developer-first solution offers tightly integrated vulnerability management and remediation across the Azure SDLC - from code release to runtime. The Snyk integration enables DevSecOps, empowering developers to continue to release fast, while ensuring the security of their projects and assuring overall control and governance.
"As companies of all sizes continue to migrate to the cloud, with applications heavily powered by open source, Azure is providing the best environment for an easy and secure migration," said Eduardo Laureano, Principal PM Manager at Azure Functions, Microsoft. "By partnering with Snyk to secure the software development life cycle on Azure, we're giving customers the confidence to extend their use of open source technologies, such as Azure Functions, and accelerate their journeys towards digital transformation."
Automated Vulnerability Testing and Fixing
Azure DevOps; Putting security ownership in the hands of developers
Snyk's native integration with Azure Repos and Azure Pipelines will allow organisations to empower their developers to take control of security - from commit time through CI/CD. It allows companies to realize a true 'shift-left' trajectory, enabling developers to find and fix vulnerabilities during development when it is much less costly than when applications are deployed in production.
Container Security; Azure Container Registry
For organizations adopting containerized applications, Snyk's integration with Azure Container Registry scans all container images for vulnerabilities and provides actionable advice to eliminate the identified vulnerabilities. Snyk then provides direction to rebuild an image or to switch to a more secure base image. Additionally, the build process of new container images is prevented if they contain vulnerabilities that do not meet the configured policy.
Continuous Monitoring; Azure Functions
In serverless environments, Snyk gives development and operations teams a detailed view of the security posture of the entire portfolio running functions. It enables Azure users to ensure that newly discovered vulnerabilities are acknowledged and remediated, and the team is empowered to gate the deployment to make sure no new vulnerabilities are introduced to the environment.
For more details on the integration, click here.
Snyk is a developer-first security solution that helps organizations use open source and stay secure. Snyk is the only solution that seamlessly and proactively finds and fixes vulnerabilities and license violations in open source dependencies and Docker images. Snyk's solution is built on a comprehensive, proprietary vulnerability database, maintained by an expert security research team in Israel and London. With tight integration into existing developer workflows, source control (including GitHub, Bitbucket, GitLab), and CI/CD pipelines, Snyk enables efficient security workflows and reduces mean-time-to-fix.