Software intelligence company Dynatrace, on February 16, announced a strategic technology alliance with Snyk to make software delivery more secure. The partnership will leverage the DevSecOps Lifecycle Coverage with the Snyk app, built using the new Dynatrace AppEngine.
The app is designed to connect Snyk container scans in pre-production with Dynatrace production-runtime insights. It will also enable security and development teams to use the Dynatrace platform to unlock precise, AI-powered answers that detail and prioritize vulnerabilities across the software lifecycle, with guidance that allows them to remediate security risks proactively.
According to recent research, 69% of CISOs say vulnerability management in modern software development has become more complex.
Development and security teams need help to balance the volume of applications in their environment and increased deployment frequency with the need to ensure these applications are secure. As a result, many applications need to be adequately validated with security scans. To maintain agility, teams need unified analytics across the software lifecycle that pinpoints gaps and enables proactive risk mitigation.
“Dynatrace’s new DevSecOps Lifecycle Coverage with Snyk app provides an end-to-end understanding of application security, from pre-production to production-runtime environments,” says Luca Domenella, Head of Cloud Operations and DevOps at Soldo.
“Pre-production container scans from Snyk combined with AI-powered application runtime insights and analytics from Dynatrace will enable our teams to pinpoint the location of vulnerabilities in our complex multicloud ecosystem, automatically prioritize these based on the risk of each exposure, and use recommendations to proactively remediate these risks.”
“How developers build applications today is inherently tied to their organization’s overall security posture, and the DevSecOps Lifecycle Coverage with Snyk app now shifts Dynatrace’s functionality left to allow global developer teams to continue their pace of innovation securely, by default,” adds Peter McKay, Chief Executive Officer of Snyk.
“We’re excited to continue strengthening our relationship with the Dynatrace team, showing the industry the increasingly beneficial relationship between two critical enterprise initiatives: developer security and observability.”
“Dynatrace and Snyk are advancing security coverage across the software lifecycle to enable end-to-end mitigation of risks so teams can drive faster innovation with confidence,” notes Bernd Greifeneder, Founder and Chief Technology Officer at Dynatrace.
“DevSecOps Lifecycle Coverage with Snyk will provide automated vulnerability management and mitigation in pre-production and production environments, which is critical in cloud-native development, as new vulnerabilities constantly surface, and it’s not always clear which ones require attention.”
“Powered by the Dynatrace platform’s causal-AI-powered, real-time answers, this new capability will provide end-to-end coverage to help development and security teams ensure no application slips into production unscanned. It also provides continuous threat detection and blocking at runtime to help ensure flawless service delivery and improve the overall efficiency of security operations.”
The DevSecOps Lifecycle Coverage with Snyk app will be available within 90 days of this announcement.