Snyk and Orca Security Forge Strategic Partnership Strengthening Holistic Application Security

Integration Between Developer-First ASPM and CNAPP Leaders Deepens AppSec and CloudSec Collaboration

Boston, MA — September 11, 2024 — Snyk, the leader in developer security, and Orca Security, the leader in agentless cloud security, today unveiled a new strategic partnership. The first milestone in this collaboration is a bi-directional integration combining Snyk’s developer-first Application Security Posture Management (ASPM) solution, Snyk AppRisk, with Orca’s purpose-built Cloud Native Application Protection Platform (CNAPP). Mutual customers are now equipped and empowered with unparalleled visibility into risks throughout the entire application lifecycle, from development to runtime. 

AppSec teams can now prioritize vulnerabilities in source code with risk factors from cloud environments, enabling more precise and proactive remediation. Combined with Snyk AppRisk, the integration enables holistic risk-based prioritization, ensuring that security professionals can tackle their most critical vulnerabilities first through a platform built with the developer experience top of mind.

Additionally, the integration of Snyk AppRisk with the Orca Cloud Security Platform enables security teams to now more deeply understand the application risks they see in production environments by tracing them all the way to their code origins. Within the Orca platform, users can see application risks and context for prioritization, while also being able to view Snyk findings within Orca’s Unified Data Model. This is delivered by Orca Security's patented SideScanning technology, which quickly detects risks within cloud environments, such as infrastructure misconfigurations, workload and application vulnerabilities and API exposure. Through this integration, mutual customers seamlessly link risk factors from containerized workloads scanned by the Orca platform directly to issues found in application code by the Snyk platform.

“Snyk has consistently demonstrated that we view security as the ultimate team sport, especially in today’s GenAI Era,” said Manoj Nair, Chief Product Officer, Snyk. “With Orca, we’re now showing the industry the power of combining our shift left approach with their leading CNAPP, together helping AppSec and CloudSec teams to more effectively prioritize to drive faster remediation.”

Snyk AppRisk combines this additional context into issues with a unique view of their association to applications, providing a comprehensive understanding of each risk so customers can effectively prioritize their most critical vulnerabilities first. For instance, issues found on container images that are used by running containers have a higher risk of unauthorized access and should be remediated first.

“Together, Snyk and Orca are committed to advancing a truly holistic approach to application security,” said Gil Geron, CEO and Co-Founder, Orca Security. “By joining forces, our customers can now benefit from putting the cloud insights within the Orca platform actionably into the hands of their developers, also facilitating the collaboration with their AppSec counterparts that will further fortify their overall risk posture.”

For more information on this integration, visit here.