SECURING DEVELOPMENT TEAMS
Interview by: James Henderson
Fresh off a bumper funding round, Snyk’s Founder & President Guy Podjarny tells Digital Bulletin about his plans for its developer security platform and makes his case for open source
Congratulations on the Series F funding round, what are your initial thoughts on the raise?
We’re all very happy with the adoption and momentum that drove these great investors to this Series F. Snyk has experienced great success to date, but, with an estimated 27 million software developers worldwide today and 45 million by 2030, we strongly believe there is still an exponential growth opportunity in front of us. This funding represents an investment in the future of security.
$530m is a significant raise, how are you going to put that money to work and how is it going to benefit Snyk?
This latest investment allows us to accelerate growth at every level. On the product side, the funding allows us to serve the fast-growing global demand for Snyk’s Developer Security Platform. This demand is driven both due to the explosion of digital transformation, as every company seeks to become a technology company and accelerate innovation, and the unique nature of our platform. Snyk’s is the only platform that is truly committed to and proven to get developer love and adoption, and to cover the full scope of modern applications, including the application code, open source libraries, container infrastructure and infrastructure as code.
Is geographic expansion and recruitment on the agenda?
Geographic expansion and recruitment are definitely high on the agenda - our amazing team is what got us here, and we need more amazing people to grow. We just hired two great executives, Dino Marino as Chief Revenue Officer and Adriana Bokel Herde as Chief People Officer, and are continuing to build the team across regions. We’ll reach 800+ employees worldwide by the end of 2021, having already added 320 this year, and specifically fund growth in APJ, which has grown from two people to 30 this year.
You’ve just mentioned Dino Marino, who’s joining from Mimecast. What do you expect him to bring to the table?
We’re really pleased to have Dino on board. He’ll focus on continued global expansion, advancing the build out of priority go-to-market initiatives and further strengthening our capabilities in the financial services and federal government verticals.
Could you speak to us about some of the highlights from 2021 to-date?
We’ve achieved a number of significant milestones in 2021, such as the expansion into Asia Pacific Japan earlier this year and increasing Annual Recurring Revenue by 165% year-over-year (i.e. grew it by 2.65x); other highlights include growing the customer base to more than 1,200 companies, from established enterprise leaders to new hypergrowth technology players; delivering more than 40+ new product features into the Snyk Developer Security Platform; and successfully acquiring FossID to expand license compliance and C/C++ capabilities.
Could you tell us a bit about how Snyk's platform works and is being utilised by developers?
Today’s developers need solutions that focus on empowered developers and help them own and build security in. Our Developer Security platform does just that - it seamlessly integrates into their existing dev tools, analyses the application they’re building, flags vulnerabilities and helps developers prioritise and fix them. We cover the full scope of the cloud native app, including code, open source dependencies, container images and infrastructure as code. The platform relies on Snyk intel, the industry leading database of known vulnerabilities. Our threat intel systems constantly listen to feeds across social, research and open-source channels, find vulnerability related mentions and funnel them to our analysts who filter and curate them in the DB. Our platform packages deep security expertise, so developers don’t have to be security experts themselves.
Why are you targeting developers rather than security teams?
Security needs to shift to developer-first, where it is built into the development process early rather than waiting to pass over to a separate security team when development is done. If companies want to build a secure product, it needs to be addressed as it is developed, not seen as an afterthought. Getting developers to embrace security, and build it into the fabric of software development is key to ensuring that security can keep up with the pace of modern development, and a fundamental requirement for securing our digital lives.
Snyk has been busy with the acquisitions of FossID and before that Deepcode and Manifold - can we expect to see more M&A activities in the near future?
These acquisitions have strengthened our offering and allowed us to serve more of the world’s developers. As we look to the future and continue on our mission, we’ll continue to review where acquisitions make strategic sense.
You've also teamed up with Trend Micro this year - can you tell us a bit about that partnership?
We partnered with Trend Micro to provide security operations teams visibility and tracking of vulnerabilities and license risks in open source components. The partnership already includes container image security scanning that leverages our vulnerability database. The solution we announced this year, Trend Micro Cloud One – Open Source Security by Snyk, provides continuous insight into open source vulnerabilities to enhance risk management and drive data-driven remediation decisions. Together we’re investing in the future of the cybersecurity industry, so security and development teams can effectively work together to make their organisations safer.
Most modern software utilises open source, but what are the risks involved for enterprises in terms of vulnerabilities?
The case for open source software is compelling. So much so that it has now become a standard part of the application development process. But there are still risks of open source software that should be considered when selecting projects for your stack. One way to evaluate an open source project is to look at such metrics as maintenance and security. Evaluating those parameters and comparing similar open source projects will help organisations make more educated decisions when it comes to security.
Snyk is growing quickly, but could you outline the long-term vision for the business?
We’re on a mission to make the digital world a safer place. Thousands of companies all over the world already use Snyk to help their engineering teams develop faster, and more securely. Our ultimate vision is to empower every one of the world’s developers to build amazing things quickly while always staying secure.