Dynatrace and Snyk join forces to unify security insights across the entire software lifecycle
The alliance will leverage the DevSecOps Lifecycle Coverage with Snyk app, built using the new Dynatrace AppEngine. This app is designed to connect Snyk container scans in pre-production with Dynatrace production-runtime insights.
It will also enable security and development teams to use the Dynatrace platform to unlock precise, AI-powered answers that detail and prioritize vulnerabilities across the software lifecycle, with guidance that allows them to proactively remediate security risks.
According to recent research, 69% of CISOs say vulnerability management in modern software development has become more complex. Development and security teams struggle to balance the volume of applications in their environment and increased deployment frequency with the need to ensure these applications are secure.
As a result, many applications are not adequately validated with security scans. To maintain agility, teams need unified analytics across the software lifecycle that pinpoints gaps and enables proactive risk mitigation.
“Dynatrace’s new DevSecOps Lifecycle Coverage with Snyk app provides an end-to-end understanding of application security, from pre-production to production-runtime environments,” said Luca Domenella, Head of Cloud Operations and DevOps at Soldo.
“Pre-production container scans from Snyk combined with AI-powered application runtime insights and analytics from Dynatrace will enable our teams to pinpoint the location of vulnerabilities in our complex multicloud ecosystem, automatically prioritize these based on the risk of each exposure, and use recommendations to proactively remediate these risks,” Domenella continued.
“How developers build applications today is inherently tied to their organization’s overall security posture, and the DevSecOps Lifecycle Coverage with Snyk app now shifts Dynatrace’s functionality left to allow global developer teams to continue their pace of innovation securely, by default,” said Peter McKay, CEO, Snyk.
“We’re excited to continue strengthening our relationship with the Dynatrace team, showing the industry the increasingly beneficial relationship between two critical enterprise initiatives: developer security and observability,” McKay added.
“Dynatrace and Snyk are advancing security coverage across the software lifecycle to enable end-to-end mitigation of risks so teams can drive faster innovation with confidence,” said Bernd Greifeneder, CTO at Dynatrace.
“DevSecOps Lifecycle Coverage with Snyk will provide automated vulnerability management and mitigation in pre-production and production environments, which is critical in cloud-native development, as new vulnerabilities constantly surface, and it’s not always clear which ones require attention. Powered by the Dynatrace platform’s causal-AI-powered, real-time answers, this new capability will provide end-to-end coverage to help development and security teams ensure no application slips into production unscanned. It also provides continuous threat detection and blocking at runtime to help ensure flawless service delivery and improve the overall efficiency of security operations,” Greifeneder concluded.