Developer security solution provider, Snyk, has launched an application security posture management (ASPM) offering, dubbed Snyk AppRisk, to help application security (AppSec) teams monitor and manage their cybersecurity programs better.
The offering will feature a workbench, which will allow developers and security teams to collaborate and address cybersecurity challenges through asset discovery and risk-based prioritization.
“Snyk has been known as a pioneer in developer-focused tools to help developers better incorporate security into their development processes and free up security from being a bottleneck to faster cloud-native development cycles. It was mostly known for its software component analysis and software supply chain capabilities,” said Melinda Marks, senior analyst at ESG. “This (launch) helps them extend their brand as a broader application security vendor for modern, cloud-native development.”
Snyk AppRisk will be available in two editions. AppRisk Essentials, available immediately, will target existing Snyk customers and work only with Snyk tools. In early 2024, the company will launch AppRisk Pro, an enterprise-focused offering that’ll work with Synk and non-Snyk developer security tools.
Automating asset discovery, security controls, and risk prioritization
Snyk AppRisk combines the existing capabilities of the Snyk developer security platform — including telemetry and security controls — with an ASPM workbench and a set of new abilities for the DevSecOps teams.
AppRisk offers the ability to automate application asset discovery, which allows security teams to configure the ASPM workbench to discover application assets and classify them by business context continually. This context-based classification combined with Snyk’s existing controls to analyze and quantify risks powers the new risk prioritization engine.