On February 9, 2021, Alex Birsan disclosed his aptly named security research, dependency confusion. In his disclosure, he describes how a novel supply chain attack that exploits misconfiguration by developers, as well as design flaws of numerous package managers in the open source language-based software ecosystems, allowed him to gain access and exfiltrate data from companies such as Yelp, Tesla, Apple, Microsoft, and others.

It’s exciting to share the news of our new funding round. It let us bring onboard some amazing investors and funds for further growth, along with setting the company valuation at $8.5B — a pretty big number. When you look at this valuation, and consider these smart investors expect it to grow substantially, you may wonder — how can this market be big enough to support these numbers? I would say the real question is — how can it not be?

Snyk Code support for PHP vulnerability scanning is now available in beta. Now security issues in PHP code can be identified quickly and easily. To get started, log into Snyk or sign up for a free account. Once logged in on the dashboard, click on the Add Project button in the top right corner and connect to a repository you want to scan.

Empathy — that ability to understand what others are feeling — might be the secret ingredient when it comes to successfully shifting security into the developer world. Snyk co-founder and president Guy Podjarny hosts The Secure Developer podcast, and in interview after interview, guests have repeatedly spoken about how empathy, understanding, and a bias toward action are the biggest components of a successful developer-first security culture.

As organizations continue to adopt DevSecOps practices to deliver secure software, security ownership is an ever-critical consideration. Snyk recently held a roundtable with Twilio to discuss security ownership in 2021. In this post, we’ll recap the discussion between Guy Podjarny, President & Co-Founder of Snyk, and Yashvier Kosaraju, Senior Manager of Product Security at Twilio.

For many developers, a good IDE is like a Swiss Army knife. It is a tool that integrates all sorts of features you need as a developer in a single program. Therefore many developers primarily work from their favorite IDE instead of opening multiple single-purpose tools.

Yesterday, the Biden Administration called upon leaders from Amazon, Apple, Google, IBM and Microsoft as well as other private and non-profit organizations to discuss crucial measures for improving the overall cybersecurity posture of the United States. (This follows an Executive Order , which we wrote about in May, outlining a 100-day initiative to improve the security of the modern software supply chain ).

Across the tech startup space, growth is on fire, and a key differentiator of success will be your ability to scale your talent at the pace needed. Based on having gone through this phase at various companies over the past decade, I’ve been pulled into helping advise founders and heads of people at several earlier-stage startups. So I made it simpler, and drafted a Hypergrowth Playbook , with my learnings. We are happy to share this openly, to help the community at large.